<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="profile" href="https://gmpg.org/xfn/11" />
<link rel="pingback" href="https://securityboulevard.com/xmlrpc.php" />
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js" type="a013c9d52a0a1157690516e6-text/javascript"></script>
<link rel='stylesheet' id='colormag_style-css' href='https://securityboulevard.com/wp-content/themes/colormag-pro/sb.css' type='text/css' media='all' />
<script type="a013c9d52a0a1157690516e6-text/javascript">
setTimeout(function(){
  console.log("about to initialize OneSignal"); 
  //window.addEventListener('load', function() {
    window._oneSignalInitOptions.promptOptions = {
      slidedown: {
        prompts: [
          {
            type: "category",
            autoPrompt: true,
            text: {
              /* actionMessage limited to 90 characters */
              actionMessage: "Tell us what type of content you're interested in and we'll let you know what's new.",
              /* acceptButton limited to 15 characters */
              acceptButton: "Get Notified",
              /* cancelButton limited to 15 characters */
              cancelButton: "No Thanks",
              /* CATEGORY SLIDEDOWN SPECIFIC TEXT */
              negativeUpdateButton:"Cancel",
              positiveUpdateButton:"Save Preferences",
              updateMessage: "Update your push notification subscription preferences.",
            },
            delay: {
              timeDelay: 1,//seconds to wait for display
              pageViews: 1,//# pageviews for prompt to display
            },
            categories: [
              {
                tag: "webinars",
                label: "Webinars",
              },
              {
                tag: "news",
                label: "News",
              },
              {
                tag: "events",
                label: "Events",
              },
              {
                tag: "podcasts",
                label: "Podcasts",
              }
            ]
          }
        ]
      }
    }
    window.OneSignal = window.OneSignal || [];
    window.OneSignal.push(function() {
      window.OneSignal.init(window._oneSignalInitOptions);
    });
 // });
}, 3000);
</script>
<meta name="google-site-verification" content="hRVR1BmPHNKwYS7nfOqOCsN3IVVl2fAubzdYJAhyboc" />
<meta name='robots' content='index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1' />

<script data-cfasync="false" data-pagespeed-no-defer>
	var gtm4wp_datalayer_name = "dataLayer";
	var dataLayer = dataLayer || [];
</script>


<title>Detect C2 ‘RedXOR’ with state-based functionality - Security Boulevard</title>
<meta name="description" content="By Ben Reardon, Corelight Security Researcher Recently a very interesting Linux-based command-and-control (C2) malware was described by the research team at Intezer. As usual there is a set of simple network-based IOCs in the form of domains and IPs that organizations can search against their Zeek dns.log, http.log and conn.log. Using Zeek, detecting this threat...Read more »" />
<link rel="canonical" href="https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/" />
<meta property="og:locale" content="en_US" />
<meta property="og:type" content="article" />
<meta property="og:title" content="Detect C2 ‘RedXOR’ with state-based functionality" />
<meta property="og:description" content="By Ben Reardon, Corelight Security Researcher Recently a very interesting Linux-based command-and-control (C2) malware was described by the research team at Intezer. As usual there is a set of simple network-based IOCs in the form of domains and IPs that organizations can search against their Zeek dns.log, http.log and conn.log. Using Zeek, detecting this threat...Read more »" />
<meta property="og:url" content="https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/" />
<meta property="og:site_name" content="Security Boulevard" />
<meta property="article:publisher" content="https://www.facebook.com/groups/24445075146/" />
<meta property="article:published_time" content="2021-04-20T14:00:00+00:00" />
<meta property="og:image" content="https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-15-at-2.25.13-PM.png" />
<meta name="author" content="Ben Reardon" />
<meta name="twitter:card" content="summary_large_image" />
<meta name="twitter:creator" content="@securityblvd" />
<meta name="twitter:site" content="@securityblvd" />
<script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"WebPage","@id":"https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/","url":"https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/","name":"Detect C2 ‘RedXOR’ with state-based functionality - Security Boulevard","isPartOf":{"@id":"https://securityboulevard.com/#website"},"primaryImageOfPage":{"@id":"https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/#primaryimage"},"image":{"@id":"https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/#primaryimage"},"thumbnailUrl":"https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-15-at-2.25.13-PM.png","datePublished":"2021-04-20T14:00:00+00:00","dateModified":"2021-04-20T14:00:00+00:00","author":{"@id":"https://securityboulevard.com/#/schema/person/78bdf25bf5f60eacd9529b6a75a865ba"},"description":"By Ben Reardon, Corelight Security Researcher Recently a very interesting Linux-based command-and-control (C2) malware was described by the research team at Intezer. As usual there is a set of simple network-based IOCs in the form of domains and IPs that organizations can search against their Zeek dns.log, http.log and conn.log. Using Zeek, detecting this threat...Read more »","breadcrumb":{"@id":"https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/#primaryimage","url":"https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-15-at-2.25.13-PM.png","contentUrl":"https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-15-at-2.25.13-PM.png"},{"@type":"BreadcrumbList","@id":"https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://securityboulevard.com/"},{"@type":"ListItem","position":2,"name":"Security Bloggers Network","item":"https://securityboulevard.com/category/sbn/"},{"@type":"ListItem","position":3,"name":"Detect C2 ‘RedXOR’ with state-based functionality"}]},{"@type":"WebSite","@id":"https://securityboulevard.com/#website","url":"https://securityboulevard.com/","name":"Security Boulevard","description":"The Home of the Security Bloggers Network","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https://securityboulevard.com/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https://securityboulevard.com/#/schema/person/78bdf25bf5f60eacd9529b6a75a865ba","name":"Ben Reardon","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https://securityboulevard.com/#/schema/person/image/","url":"https://secure.gravatar.com/avatar/2ae600ea057f303907c68ed1ff8d2f89?s=96&d=mm&r=g","contentUrl":"https://secure.gravatar.com/avatar/2ae600ea057f303907c68ed1ff8d2f89?s=96&d=mm&r=g","caption":"Ben Reardon"},"sameAs":["https://corelight.blog"],"url":"https://securityboulevard.com/author/ben-reardon/"}]}</script>

<link rel="amphtml" href="https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/amp/" /><meta name="generator" content="AMP for WP 1.0.77.51" /><link rel='dns-prefetch' href='//static.addtoany.com' />
<link rel='dns-prefetch' href='//js.hs-scripts.com' />
<link rel='dns-prefetch' href='//secure.gravatar.com' />
<link rel='dns-prefetch' href='//fonts.googleapis.com' />
<link rel='dns-prefetch' href='//s.w.org' />
<link rel='dns-prefetch' href='//v0.wordpress.com' />
<link rel="alternate" type="application/rss+xml" title="Security Boulevard &raquo; Feed" href="https://securityboulevard.com/feed/" />
<link rel="alternate" type="application/rss+xml" title="Security Boulevard &raquo; Comments Feed" href="https://securityboulevard.com/comments/feed/" />
<link rel="alternate" type="text/calendar" title="Security Boulevard &raquo; iCal Feed" href="https://securityboulevard.com/webinars/?ical=1" />
<script type="a013c9d52a0a1157690516e6-text/javascript">
window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/14.0.0\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/14.0.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/securityboulevard.com\/wp-includes\/js\/wp-emoji-release.min.js"}};
/*! This file is auto-generated */
!function(e,a,t){var n,r,o,i=a.createElement("canvas"),p=i.getContext&&i.getContext("2d");function s(e,t){var a=String.fromCharCode,e=(p.clearRect(0,0,i.width,i.height),p.fillText(a.apply(this,e),0,0),i.toDataURL());return p.clearRect(0,0,i.width,i.height),p.fillText(a.apply(this,t),0,0),e===i.toDataURL()}function c(e){var t=a.createElement("script");t.src=e,t.defer=t.type="text/javascript",a.getElementsByTagName("head")[0].appendChild(t)}for(o=Array("flag","emoji"),t.supports={everything:!0,everythingExceptFlag:!0},r=0;r<o.length;r++)t.supports[o[r]]=function(e){if(!p||!p.fillText)return!1;switch(p.textBaseline="top",p.font="600 32px Arial",e){case"flag":return s([127987,65039,8205,9895,65039],[127987,65039,8203,9895,65039])?!1:!s([55356,56826,55356,56819],[55356,56826,8203,55356,56819])&&!s([55356,57332,56128,56423,56128,56418,56128,56421,56128,56430,56128,56423,56128,56447],[55356,57332,8203,56128,56423,8203,56128,56418,8203,56128,56421,8203,56128,56430,8203,56128,56423,8203,56128,56447]);case"emoji":return!s([129777,127995,8205,129778,127999],[129777,127995,8203,129778,127999])}return!1}(o[r]),t.supports.everything=t.supports.everything&&t.supports[o[r]],"flag"!==o[r]&&(t.supports.everythingExceptFlag=t.supports.everythingExceptFlag&&t.supports[o[r]]);t.supports.everythingExceptFlag=t.supports.everythingExceptFlag&&!t.supports.flag,t.DOMReady=!1,t.readyCallback=function(){t.DOMReady=!0},t.supports.everything||(n=function(){t.readyCallback()},a.addEventListener?(a.addEventListener("DOMContentLoaded",n,!1),e.addEventListener("load",n,!1)):(e.attachEvent("onload",n),a.attachEvent("onreadystatechange",function(){"complete"===a.readyState&&t.readyCallback()})),(e=t.source||{}).concatemoji?c(e.concatemoji):e.wpemoji&&e.twemoji&&(c(e.twemoji),c(e.wpemoji)))}(window,document,window._wpemojiSettings);
</script>
<style type="text/css">
img.wp-smiley,
img.emoji {
	display: inline !important;
	border: none !important;
	box-shadow: none !important;
	height: 1em !important;
	width: 1em !important;
	margin: 0 0.07em !important;
	vertical-align: -0.1em !important;
	background: none !important;
	padding: 0 !important;
}
</style>
<link rel='stylesheet' id='pt-cv-public-style-css' href='https://securityboulevard.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css' type='text/css' media='all' />
<link rel='stylesheet' id='pt-cv-public-pro-style-css' href='https://securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/css/cvpro.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='tribe-events-pro-mini-calendar-block-styles-css' href='https://securityboulevard.com/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='wp-block-library-css' href='https://securityboulevard.com/wp-includes/css/dist/block-library/style.min.css' type='text/css' media='all' />
<style id='wp-block-library-inline-css' type='text/css'>
.has-text-align-justify{text-align:justify;}
</style>
<link rel='stylesheet' id='mediaelement-css' href='https://securityboulevard.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='wp-mediaelement-css' href='https://securityboulevard.com/wp-includes/js/mediaelement/wp-mediaelement.min.css' type='text/css' media='all' />
<style id='global-styles-inline-css' type='text/css'>
body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--duotone--dark-grayscale: url('#wp-duotone-dark-grayscale');--wp--preset--duotone--grayscale: url('#wp-duotone-grayscale');--wp--preset--duotone--purple-yellow: url('#wp-duotone-purple-yellow');--wp--preset--duotone--blue-red: url('#wp-duotone-blue-red');--wp--preset--duotone--midnight: url('#wp-duotone-midnight');--wp--preset--duotone--magenta-yellow: url('#wp-duotone-magenta-yellow');--wp--preset--duotone--purple-green: url('#wp-duotone-purple-green');--wp--preset--duotone--blue-orange: url('#wp-duotone-blue-orange');--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}
</style>
<link rel='stylesheet' id='owl-css-css' href='https://securityboulevard.com/wp-content/plugins/devops_core/assets/owl.carousel.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='owl-theme-css-css' href='https://securityboulevard.com/wp-content/plugins/devops_core/assets/owl.theme.default.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='theme.css-css' href='https://securityboulevard.com/wp-content/plugins/popup-builder/public/css/theme.css' type='text/css' media='all' />
<link rel='stylesheet' id='wp-pagenavi-css' href='https://securityboulevard.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css' type='text/css' media='all' />
<link rel='stylesheet' id='megamenu-css' href='https://securityboulevard.com/wp-content/uploads/maxmegamenu/style.css' type='text/css' media='all' />
<link rel='stylesheet' id='dashicons-css' href='https://securityboulevard.com/wp-includes/css/dashicons.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='colormag_style-css' href='https://securityboulevard.com/wp-content/themes/colormag-pro/style.css' type='text/css' media='all' />
<link rel='stylesheet' id='colormag_googlefonts-css' href='//fonts.googleapis.com/css?family=Open+Sans%7COpen+Sans%3A400%2C600%7CPT+Sans%7CSource+Sans+Pro&#038;ver=6.0.2' type='text/css' media='all' />
<link rel='stylesheet' id='colormag-featured-image-popup-css-css' href='https://securityboulevard.com/wp-content/themes/colormag-pro/js/magnific-popup/magnific-popup.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='colormag-fontawesome-css' href='https://securityboulevard.com/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='custom-scrollbar-css-css' href='https://securityboulevard.com/wp-content/themes/colormag-pro/css/jquery.mCustomScrollbar.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='custom-datatables-css-css' href='https://securityboulevard.com/wp-content/themes/colormag-pro/css/datatables.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='dflip-icons-style-css' href='https://securityboulevard.com/wp-content/plugins/dflip/assets/css/themify-icons.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='dflip-style-css' href='https://securityboulevard.com/wp-content/plugins/dflip/assets/css/dflip.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='addtoany-css' href='https://securityboulevard.com/wp-content/plugins/add-to-any/addtoany.min.css' type='text/css' media='all' />
<link rel='stylesheet' id='jetpack_css-css' href='https://securityboulevard.com/wp-content/plugins/jetpack/css/jetpack.css' type='text/css' media='all' />
<script type="a013c9d52a0a1157690516e6-text/javascript" id='addtoany-core-js-before'>
window.a2a_config=window.a2a_config||{};a2a_config.callbacks=[];a2a_config.overlays=[];a2a_config.templates={};
a2a_config.icon_color="#434366";
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript" async src='https://static.addtoany.com/menu/page.js' id='addtoany-core-js'></script>
<script type='text/javascript' data-cfasync="false" src='https://securityboulevard.com/wp-includes/js/jquery/jquery.min.js' id='jquery-core-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-includes/js/jquery/jquery-migrate.min.js' id='jquery-migrate-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" async src='https://securityboulevard.com/wp-content/plugins/add-to-any/addtoany.min.js' id='addtoany-jquery-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/devops_core/assets/list.min.js' id='list-min-js-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/devops_core/assets/owl.carousel.min.js' id='owl-min-js-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/devops_core/assets/isotope.pkgd.min.js' id='isotope-js-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/devops_core/assets/custom.js' id='j-custom-js-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" id='Popup.js-js-before'>
var sgpbPublicUrl = "https:\/\/securityboulevard.com\/wp-content\/plugins\/popup-builder\/public\/";
var SGPB_JS_LOCALIZATION = {"imageSupportAlertMessage":"Only image files supported","pdfSupportAlertMessage":"Only pdf files supported","areYouSure":"Are you sure?","addButtonSpinner":"L","audioSupportAlertMessage":"Only audio files supported (e.g.: mp3, wav, m4a, ogg)","publishPopupBeforeElementor":"Please, publish the popup before starting to use Elementor with it!","publishPopupBeforeDivi":"Please, publish the popup before starting to use Divi Builder with it!","closeButtonAltText":"Close"};
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/popup-builder/public/js/Popup.js' id='Popup.js-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/popup-builder/public/js/PopupConfig.js' id='PopupConfig.js-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" id='PopupBuilder.js-js-before'>
var SGPB_POPUP_PARAMS = {"popupTypeAgeRestriction":"ageRestriction","defaultThemeImages":{"1":"https:\/\/securityboulevard.com\/wp-content\/plugins\/popup-builder\/public\/img\/theme_1\/close.png","2":"https:\/\/securityboulevard.com\/wp-content\/plugins\/popup-builder\/public\/img\/theme_2\/close.png","3":"https:\/\/securityboulevard.com\/wp-content\/plugins\/popup-builder\/public\/img\/theme_3\/close.png","5":"https:\/\/securityboulevard.com\/wp-content\/plugins\/popup-builder\/public\/img\/theme_5\/close.png","6":"https:\/\/securityboulevard.com\/wp-content\/plugins\/popup-builder\/public\/img\/theme_6\/close.png"},"homePageUrl":"https:\/\/securityboulevard.com\/","isPreview":false,"convertedIdsReverse":[],"dontShowPopupExpireTime":365,"conditionalJsClasses":[],"disableAnalyticsGeneral":false};
var SGPB_JS_PACKAGES = {"packages":{"current":1,"free":1,"silver":2,"gold":3,"platinum":4},"extensions":{"geo-targeting":false,"advanced-closing":true}};
var SGPB_JS_PARAMS = {"ajaxUrl":"https:\/\/securityboulevard.com\/wp-admin\/admin-ajax.php","nonce":"17370bff20"};
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/popup-builder/public/js/PopupBuilder.js' id='PopupBuilder.js-js'></script>
<!--[if lte IE 8]>
<script type='text/javascript' src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/html5shiv.min.js' id='html5-js'></script>
<![endif]-->
<script type="a013c9d52a0a1157690516e6-text/javascript" id='colormag-loadmore-js-extra'>
/* <![CDATA[ */
var colormag_script_vars = {"no_more_posts":"No more post"};
/* ]]> */
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/loadmore.min.js' id='colormag-loadmore-js'></script>
<link rel="https://api.w.org/" href="https://securityboulevard.com/wp-json/" /><link rel="alternate" type="application/json" href="https://securityboulevard.com/wp-json/wp/v2/posts/1879181" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://securityboulevard.com/xmlrpc.php?rsd" />
<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="https://securityboulevard.com/wp-includes/wlwmanifest.xml" />
<meta name="generator" content="WordPress 6.0.2" />
<link rel='shortlink' href='https://wp.me/p91vu9-7SRn' />
<link rel="alternate" type="application/json+oembed" href="https://securityboulevard.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fsecurityboulevard.com%2F2021%2F04%2Fdetect-c2-redxor-with-state-based-functionality%2F" />
<link rel="alternate" type="text/xml+oembed" href="https://securityboulevard.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fsecurityboulevard.com%2F2021%2F04%2Fdetect-c2-redxor-with-state-based-functionality%2F&#038;format=xml" />

<script type="a013c9d52a0a1157690516e6-text/javascript" class="hsq-set-content-id" data-content-id="blog-post">
				var _hsq = _hsq || [];
				_hsq.push(["setContentType", "blog-post"]);
			</script>

<meta name="tec-api-version" content="v1"><meta name="tec-api-origin" content="https://securityboulevard.com"><link rel="alternate" href="https://securityboulevard.com/wp-json/tribe/events/v1/" />


<script data-cfasync="false" data-pagespeed-no-defer type="text/javascript">
	var dataLayer_content = {"pagePostType":"post","pagePostType2":"single-post","pageCategory":["sbn"],"pageAttributes":["c2","corelight-labs","http","intezer","linux","redxor","zeek"],"pagePostAuthor":"Ben Reardon"};
	dataLayer.push( dataLayer_content );
</script>
<script data-cfasync="false">
(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
'//www.googletagmanager.com/gtm.'+'js?id='+i+dl;f.parentNode.insertBefore(j,f);
})(window,document,'script','dataLayer','GTM-5VL4PHQ');
</script>

<style>img#wpstats{display:none}</style>
<style type="text/css"> .colormag-button,blockquote,button,input[type=reset],input[type=button],input[type=submit]{background-color:#6190bb}a{color:#6190bb}#site-navigation{border-top:4px solid #6190bb}.home-icon.front_page_on,.main-navigation a:hover,.main-navigation ul li ul li a:hover,.main-navigation ul li ul li:hover>a,.main-navigation ul li.current-menu-ancestor>a,.main-navigation ul li.current-menu-item ul li a:hover,.main-navigation ul li.current-menu-item>a,.main-navigation ul li.current_page_ancestor>a,.main-navigation ul li.current_page_item>a,.main-navigation ul li:hover>a,.main-small-navigation li a:hover,.site-header .menu-toggle:hover{background-color:#6190bb}.main-small-navigation .current-menu-item>a,.main-small-navigation .current_page_item>a{background:#6190bb}#main .breaking-news-latest,.fa.search-top:hover{background-color:#6190bb}.byline a:hover,.comments a:hover,.edit-link a:hover,.posted-on a:hover,.social-links i.fa:hover,.tag-links a:hover{color:#6190bb}.widget_featured_posts .article-content .above-entry-meta .cat-links a{background-color:#6190bb}.widget_featured_posts .article-content .entry-title a:hover{color:#6190bb}.widget_featured_posts .widget-title{border-bottom:2px solid #6190bb}.widget_featured_posts .widget-title span,.widget_featured_slider .slide-content .above-entry-meta .cat-links a{background-color:#6190bb}.widget_featured_slider .slide-content .below-entry-meta .byline a:hover,.widget_featured_slider .slide-content .below-entry-meta .comments a:hover,.widget_featured_slider .slide-content .below-entry-meta .posted-on a:hover,.widget_featured_slider .slide-content .entry-title a:hover{color:#6190bb}.widget_highlighted_posts .article-content .above-entry-meta .cat-links a{background-color:#6190bb}.widget_block_picture_news.widget_featured_posts .article-content .entry-title a:hover,.widget_highlighted_posts .article-content .below-entry-meta .byline a:hover,.widget_highlighted_posts .article-content .below-entry-meta .comments a:hover,.widget_highlighted_posts .article-content .below-entry-meta .posted-on a:hover,.widget_highlighted_posts .article-content .entry-title a:hover{color:#6190bb}.category-slide-next,.category-slide-prev,.slide-next,.slide-prev,.tabbed-widget ul li{background-color:#6190bb}i.fa-arrow-up, i.fa-arrow-down{color:#6190bb}#secondary .widget-title{border-bottom:2px solid #6190bb}#content .wp-pagenavi .current,#content .wp-pagenavi a:hover,#secondary .widget-title span{background-color:#6190bb}#site-title a{color:#6190bb}.page-header .page-title{border-bottom:2px solid #6190bb}#content .post .article-content .above-entry-meta .cat-links a,.page-header .page-title span{background-color:#6190bb}#content .post .article-content .entry-title a:hover,.entry-meta .byline i,.entry-meta .cat-links i,.entry-meta a,.post .entry-title a:hover,.search .entry-title a:hover{color:#6190bb}.entry-meta .post-format i{background-color:#6190bb}.entry-meta .comments-link a:hover,.entry-meta .edit-link a:hover,.entry-meta .posted-on a:hover,.entry-meta .tag-links a:hover,.single #content .tags a:hover{color:#6190bb}.format-link .entry-content a,.more-link{background-color:#6190bb}.count,.next a:hover,.previous a:hover,.related-posts-main-title .fa,.single-related-posts .article-content .entry-title a:hover{color:#6190bb}.pagination a span:hover{color:#6190bb;border-color:#6190bb}.pagination span{background-color:#6190bb}#content .comments-area a.comment-edit-link:hover,#content .comments-area a.comment-permalink:hover,#content .comments-area article header cite a:hover,.comments-area .comment-author-link a:hover{color:#6190bb}.comments-area .comment-author-link span{background-color:#6190bb}.comment .comment-reply-link:hover,.nav-next a,.nav-previous a{color:#6190bb}.footer-widgets-area .widget-title{border-bottom:2px solid #6190bb}.footer-widgets-area .widget-title span{background-color:#6190bb}#colophon .footer-menu ul li a:hover,.footer-widgets-area a:hover,a#scroll-up i{color:#6190bb}.advertisement_above_footer .widget-title{border-bottom:2px solid #6190bb}.advertisement_above_footer .widget-title span{background-color:#6190bb}.sub-toggle{background:#6190bb}.main-small-navigation li.current-menu-item > .sub-toggle i {color:#6190bb}.error{background:#6190bb}.num-404{color:#6190bb},#primary .widget-title{border-bottom: 2px solid #6190bb},#primary .widget-title span{background-color:#6190bb} .main-navigation li, .site-header .menu-toggle { font-family: "PT Sans"; } h1, h2, h3, h4, h5, h6 { font-family: "Source Sans Pro"; } body, button, input, select, textarea, p, blockquote p, .entry-meta, .more-link { font-family: "Source Sans Pro"; } body, button, input, select, textarea, p, blockquote p, dl, .previous a, .next a, .nav-previous a, .nav-next a, #respond h3#reply-title #cancel-comment-reply-link, #respond form input[type="text"], #respond form textarea, #secondary .widget, .error-404 .widget { font-size: 16px; } #header-text-nav-container { background-color: #2e2e46; } .footer-widgets-wrapper { background-color: #2e2e46; } .footer-socket-wrapper { background-color: #434366; } .below-entry-meta .posted-on{display:none;} .below-entry-meta .comments{display:none;}</style>
<script data-cfasync="false"> var dFlipLocation = "https://securityboulevard.com/wp-content/plugins/dflip/assets/"; var dFlipWPGlobal = {"text":{"toggleSound":"Turn on\/off Sound","toggleThumbnails":"Toggle Thumbnails","toggleOutline":"Toggle Outline\/Bookmark","previousPage":"Previous Page","nextPage":"Next Page","toggleFullscreen":"Toggle Fullscreen","zoomIn":"Zoom In","zoomOut":"Zoom Out","toggleHelp":"Toggle Help","singlePageMode":"Single Page Mode","doublePageMode":"Double Page Mode","downloadPDFFile":"Download PDF File","gotoFirstPage":"Goto First Page","gotoLastPage":"Goto Last Page","share":"Share"},"moreControls":"download,pageMode,startPage,endPage,sound","hideControls":"","scrollWheel":"false","backgroundColor":"#777","backgroundImage":"","height":"auto","paddingLeft":"20","paddingRight":"20","controlsPosition":"bottom","duration":"800","soundEnable":"true","enableDownload":"true","enableAnalytics":"false","webgl":"true","hard":"none","maxTextureSize":"1600","rangeChunkSize":"524288","zoomRatio":"1.5","stiffness":"3","singlePageMode":"0","autoPlay":"false","autoPlayDuration":"5000","autoPlayStart":"false","linkTarget":"2"};</script> <meta name="onesignal" content="wordpress-plugin" />
<script type="a013c9d52a0a1157690516e6-text/javascript">

      window.OneSignal = window.OneSignal || [];

      OneSignal.push( function() {
        OneSignal.SERVICE_WORKER_UPDATER_PATH = 'OneSignalSDKUpdaterWorker.js';
                      OneSignal.SERVICE_WORKER_PATH = 'OneSignalSDKWorker.js';
                      OneSignal.SERVICE_WORKER_PARAM = { scope: '/wp-content/plugins/onesignal-free-web-push-notifications/sdk_files/push/onesignal/' };
        OneSignal.setDefaultNotificationUrl("https://securityboulevard.com");
        var oneSignal_options = {};
        window._oneSignalInitOptions = oneSignal_options;

        oneSignal_options['wordpress'] = true;
oneSignal_options['appId'] = '2a5b19ce-fd37-41d6-a5e8-693d5a580b3e';
oneSignal_options['allowLocalhostAsSecureOrigin'] = true;
oneSignal_options['welcomeNotification'] = { };
oneSignal_options['welcomeNotification']['title'] = "";
oneSignal_options['welcomeNotification']['message'] = "Great! You&#039;ll receive notifications when new content is posted.";
oneSignal_options['path'] = "https://securityboulevard.com/wp-content/plugins/onesignal-free-web-push-notifications/sdk_files/";
oneSignal_options['safari_web_id'] = "web.onesignal.auto.4ddec2dc-5c48-40c7-bde8-da7159bee241";
oneSignal_options['promptOptions'] = { };
oneSignal_options['promptOptions']['actionMessage'] = "Do you want to be the first to read our new Security Boulevard articles?";
oneSignal_options['promptOptions']['acceptButtonText'] = "YES";
oneSignal_options['promptOptions']['cancelButtonText'] = "NO THANKS";
          /* OneSignal: Using custom SDK initialization. */
                });

      function documentInitOneSignal() {
        var oneSignal_elements = document.getElementsByClassName("OneSignal-prompt");

        var oneSignalLinkClickHandler = function(event) { OneSignal.push(['registerForPushNotifications']); event.preventDefault(); };        for(var i = 0; i < oneSignal_elements.length; i++)
          oneSignal_elements[i].addEventListener('click', oneSignalLinkClickHandler, false);
      }

      if (document.readyState === 'complete') {
           documentInitOneSignal();
      }
      else {
           window.addEventListener("load", function(event){
               documentInitOneSignal();
          });
      }
    </script>
<style type="text/css" id="custom-background-css">
body.custom-background { background-color: #1b253c; }
</style>
<link rel="icon" href="https://securityboulevard.com/wp-content/uploads/2021/10/android-chrome-256x256-1-32x32.png" sizes="32x32" />
<link rel="icon" href="https://securityboulevard.com/wp-content/uploads/2021/10/android-chrome-256x256-1-192x192.png" sizes="192x192" />
<link rel="apple-touch-icon" href="https://securityboulevard.com/wp-content/uploads/2021/10/android-chrome-256x256-1-180x180.png" />
<meta name="msapplication-TileImage" content="https://securityboulevard.com/wp-content/uploads/2021/10/android-chrome-256x256-1.png" />
<style type="text/css" id="pt-cv-custom-style-869437fbal">.pt-cv-social-buttons a{-webkit-filter:grayscale(0.9);filter:gray;filter:grayscale(0.9)}.pt-cv-social-buttons a:hover{-webkit-filter:grayscale(0);filter:gray;filter:grayscale(0)}
.pt-cv-social-buttons a{width:20px!important;height:20px!important;background-size:100px!important}
.pt-cv-social-buttons .pt-cv-social-twitter{background-position:-20px 0!important}
.pt-cv-social-buttons .pt-cv-social-linkedin{background-position:-60px 0!important}
.pt-cv-social-buttons .pt-cv-social-pinterest{background-position:-80px 0!important}
.pt-cv-social-buttons .pt-cv-social-googleplus {background-position: -40px 0;}
</style>
<link rel="stylesheet" type="text/css" id="wp-custom-css" href="https://securityboulevard.com/?custom-css=966cb388a4" /><style type="text/css">/** Mega Menu CSS: fs **/</style>

<script async='async' src='https://www.googletagservices.com/tag/js/gpt.js' type="a013c9d52a0a1157690516e6-text/javascript"></script>
<script type="a013c9d52a0a1157690516e6-text/javascript">
  var googletag = googletag || {};
  googletag.cmd = googletag.cmd || [];
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript">
  googletag.cmd.push(function() {
      
      var mapa = googletag.sizeMapping().
    addSize([1200, 0], [728, 90]).
    addSize([0, 0], [320, 50]).
    build();
      
    googletag.defineSlot('/80877830/SB_Leaderboard', [[728, 90], [320, 50]], 'div-gpt-ad-1503669457440-0').defineSizeMapping(mapa).addService(googletag.pubads());
    googletag.defineSlot('/80877830/SB_LeaderboardFooter', [[728, 90], [320, 50]], 'div-gpt-ad-1503669457440-1').defineSizeMapping(mapa).addService(googletag.pubads());
    googletag.defineSlot('/80877830/SB_Medium', [300, 250], 'div-gpt-ad-1503669457440-2').addService(googletag.pubads());
    googletag.defineOutOfPageSlot('/80877830/SB_OOP', 'div-gpt-ad-1538595968677-0').addService(googletag.pubads());
    googletag.pubads().setTargeting("category","<?php echo $category[0]->category_nicename; ?>");
    googletag.pubads().setTargeting("subcategory","<?php echo $category[1]->category_nicename; ?>");
    googletag.pubads().setTargeting("homepage","<?php echo $home ? 'Yes' : 'No'; ?>");
   googletag.pubads().setTargeting("test", "<?php echo $_GET['test']; ?>");
   
    googletag.enableServices();
  });
  
 

</script>
</head>
<body class="post-template-default single single-post postid-1879181 single-format-standard custom-background tribe-no-js mega-menu-secondary ">

<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5VL4PHQ"
height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>

<div id="page" class="hfeed site">
<header id="masthead" class="site-header clearfix">
<div id="header-text-nav-container" class="clearfix">
<div class="news-bar">
<div class="inner-wrap clearfix">
<div class="date-in-header">
Monday, October 17, 2022	</div>
<div class="breaking-news">
<strong class="breaking-news-latest">
</strong>
<ul class="newsticker">
<li>
<a href="https://securityboulevard.com/2022/10/why-you-need-a-data-driven-approach-to-vulnerability-management-lookout/" title="Why You Need a Data-Driven Approach to Vulnerability Management | Lookout">Why You Need a Data-Driven Approach to Vulnerability Management | Lookout</a>
</li>
<li>
<a href="https://securityboulevard.com/2022/10/guest-essay-a-breakout-of-how-google-facebook-instagram-enable-third-party-snooping/" title="GUEST ESSAY: A breakout of how Google, Facebook, Instagram enable third-party snooping">GUEST ESSAY: A breakout of how Google, Facebook, Instagram enable third-party snooping</a>
</li>
<li>
<a href="https://securityboulevard.com/2022/10/3-billion-defi-hacks-richixbw/" title="$3 BILLION in DeFi Hacks in 2022—So Far">$3 BILLION in DeFi Hacks in 2022—So Far</a>
</li>
<li>
<a href="https://securityboulevard.com/2022/10/bsideslv-2022-lucky13-hire-ground-tom-estons-management-hacking-101-leading-high-performance-teams/" title="BSidesLV 2022 Lucky13 Hire Ground &#8211; Tom Eston&#8217;s &#8216;Management Hacking 101: Leading High Performance Teams&#8217;">BSidesLV 2022 Lucky13 Hire Ground &#8211; Tom Eston&#8217;s &#8216;Management Hacking 101: Leading High Performance Teams&#8217;</a>
</li>
<li>
<a href="https://securityboulevard.com/2022/10/real-time-owasp-vulnerabilities-as-you-code-with-code-sight-and-rapid-scan-static/" title="Real-time OWASP vulnerabilities as you code with Code Sight and Rapid Scan Static">Real-time OWASP vulnerabilities as you code with Code Sight and Rapid Scan Static</a>
</li>
</ul>
</div>
<div class="social-links clearfix">
<ul>
<li><a href="https://twitter.com/securityblvd" target="_blank"><i class="fa fa-twitter"></i></a></li><li><a href="https://www.linkedin.com/groups/64292" target="_blank"><i class="fa fa-linkedin"></i></a></li><li><a href="https://www.facebook.com/groups/24445075146/" target="_blank"><i class="fa fa-facebook"></i></a></li><li><a href="https://www.youtube.com/channel/UC1a8XaAVjQSn_SgIW-rdq0A" target="_blank"><i class="fa fa-youtube"></i></a></li><li><a href="https://soundcloud.com/user-540767378" target="_blank"><i class="fa fa-soundcloud"></i></a></li> <li><a href="https://securityboulevard.com/feed/"><i class="fa fa-rss"></i></a></li><li><a href="https://news.google.com/publications/CAAqMggKIixDQklTR3dnTWFoY0tGWE5sWTNWeWFYUjVZbTkxYkdWMllYSmtMbU52YlNnQVAB?hl=en-US&#038;gl=US&#038;ceid=US%3Aen"><i class="fa fa-google"></i></a></li> </ul>
</div>
</div>
</div>
<div class="inner-wrap">
<div id="header-text-nav-wrap" class="clearfix">
<div id="header-left-section">
<div id="header-logo-image">
<a href="https://securityboulevard.com/" title="Security Boulevard" rel="home"><h2 style="color:#fff;padding: 20px 0;"><img src="https://securityboulevard.com/wp-content/themes/colormag-pro/img/security-boulevard-logo.png" alt="Security Boulevard Logo" width="350" height="70"></h2></a>
</div>

<div id="header-text" class="screen-reader-text">
<h3 id="site-title">
<a href="https://securityboulevard.com/" title="Security Boulevard" rel="home">Security Boulevard</a>
</h3>
<p id="site-description">The Home of the Security Bloggers Network</p>

</div>
<div style="clear:both;"></div>
<nav>
<div id="mega-menu-wrap-secondary" class="mega-menu-wrap"><div class="mega-menu-toggle"><div class="mega-toggle-blocks-left"><div class='mega-toggle-block mega-menu-toggle-block mega-toggle-block-1' id='mega-toggle-block-1' tabindex='0'><span class='mega-toggle-label' role='button' aria-expanded='false'><span class='mega-toggle-label-closed'>Community Chats Webinars Library</span><span class='mega-toggle-label-open'></span></span></div></div><div class="mega-toggle-blocks-center"></div><div class="mega-toggle-blocks-right"></div></div><ul id="mega-menu-secondary" class="mega-menu max-mega-menu mega-menu-horizontal mega-no-js" data-event="hover_intent" data-effect="fade_up" data-effect-speed="200" data-effect-mobile="disabled" data-effect-speed-mobile="0" data-mobile-force-width="false" data-second-click="close" data-document-click="collapse" data-vertical-behaviour="standard" data-breakpoint="100" data-unbind="true" data-mobile-state="collapse_all" data-hover-intent-timeout="300" data-hover-intent-interval="100"><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-home mega-menu-item-has-children mega-align-bottom-left mega-menu-flyout mega-menu-item-1770759' id='mega-menu-item-1770759'><a class="mega-menu-link" href="https://securityboulevard.com" aria-haspopup="true" aria-expanded="false" tabindex="0">Home<span class="mega-indicator"></span></a>
<ul class="mega-sub-menu">
<li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1770766' id='mega-menu-item-1770766'><a class="mega-menu-link" href="https://securityboulevard.com/cybersecurity-news/">Cybersecurity News</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1770767' id='mega-menu-item-1770767'><a class="mega-menu-link" href="https://securityboulevard.com/features/">Features</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1770768' id='mega-menu-item-1770768'><a class="mega-menu-link" href="https://securityboulevard.com/industry-spotlight/">Industry Spotlight</a></li><li class='mega-menu-item mega-menu-item-type-post_type mega-menu-item-object-page mega-menu-item-1806483' id='mega-menu-item-1806483'><a class="mega-menu-link" href="https://securityboulevard.com/news-releases/">News Releases</a></li></ul>
</li><li class='mega-menu-item mega-menu-item-type-post_type mega-menu-item-object-page mega-menu-item-has-children mega-align-bottom-left mega-menu-flyout mega-menu-item-1778278' id='mega-menu-item-1778278'><a class="mega-menu-link" href="https://securityboulevard.com/security-bloggers-network/" aria-haspopup="true" aria-expanded="false" tabindex="0">Security Bloggers Network<span class="mega-indicator"></span></a>
<ul class="mega-sub-menu">
<li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1770756' id='mega-menu-item-1770756'><a class="mega-menu-link" href="https://securityboulevard.com/security-bloggers-network/">Latest Posts</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1770296' id='mega-menu-item-1770296'><a class="mega-menu-link" href="https://securityboulevard.com/boulevard-authors/?search=&#038;activity=1d&#038;submit=Search">Contributors</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1770819' id='mega-menu-item-1770819'><a class="mega-menu-link" href="https://securityboulevard.com/boulevard-feed-request/">Syndicate Your Blog</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1770820' id='mega-menu-item-1770820'><a class="mega-menu-link" href="https://securityboulevard.com/write-for-security-boulevard/">Write for Security Boulevard</a></li></ul>
</li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-has-children mega-align-bottom-left mega-menu-flyout mega-menu-item-1935990' id='mega-menu-item-1935990'><a class="mega-menu-link" href="#" aria-haspopup="true" aria-expanded="false" tabindex="0">Webinars<span class="mega-indicator"></span></a>
<ul class="mega-sub-menu">
<li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1758216' id='mega-menu-item-1758216'><a class="mega-menu-link" href="https://securityboulevard.com/webinars/">Upcoming Webinars</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1772144' id='mega-menu-item-1772144'><a class="mega-menu-link" href="https://securityboulevard.com/on-demand-webinars/">On-Demand Webinars</a></li></ul>
</li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-has-children mega-align-bottom-left mega-menu-flyout mega-menu-item-1879505' id='mega-menu-item-1879505'><a class="mega-menu-link" href="#" aria-haspopup="true" aria-expanded="false" tabindex="0">Events<span class="mega-indicator"></span></a>
<ul class="mega-sub-menu">
<li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1879506' id='mega-menu-item-1879506'><a class="mega-menu-link" href="https://www.mediaopsevents.com/virtual/upcoming">Upcoming Events</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1879507' id='mega-menu-item-1879507'><a class="mega-menu-link" href="https://www.mediaopsevents.com/virtual/843942">On-Demand Events</a></li></ul>
</li><li class='mega-menu-item mega-menu-item-type-post_type mega-menu-item-object-page mega-menu-item-has-children mega-align-bottom-left mega-menu-flyout mega-menu-item-1594460' id='mega-menu-item-1594460'><a class="mega-menu-link" href="https://securityboulevard.com/chats/" aria-haspopup="true" aria-expanded="false" tabindex="0">Chat<span class="mega-indicator"></span></a>
<ul class="mega-sub-menu">
<li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1810928' id='mega-menu-item-1810928'><a class="mega-menu-link" href="https://securityboulevard.com/chats/">Security Boulevard Chat</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1810941' id='mega-menu-item-1810941'><a class="mega-menu-link" href="https://securityboulevard.com/marketing-insecurity-podcasts/">Marketing InSecurity Podcast</a></li></ul>
</li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-align-bottom-left mega-menu-flyout mega-menu-item-1594390' id='mega-menu-item-1594390'><a class="mega-menu-link" href="https://securityboulevard.com/library/" tabindex="0">Library</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-has-children mega-align-bottom-left mega-menu-flyout mega-hide-sub-menu-on-mobile mega-menu-item-1836261' id='mega-menu-item-1836261'><a class="mega-menu-link" href="#" aria-haspopup="true" aria-expanded="false" tabindex="0">Related Sites<span class="mega-indicator"></span></a>
<ul class="mega-sub-menu">
<li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1836259' id='mega-menu-item-1836259'><a target="_blank" class="mega-menu-link" href="https://techstronggroup.com">Techstrong Group</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1836260' id='mega-menu-item-1836260'><a target="_blank" class="mega-menu-link" href="https://containerjournal.com/">Container Journal</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1836262' id='mega-menu-item-1836262'><a target="_blank" class="mega-menu-link" href="https://devops.com">DevOps.com</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-home mega-menu-item-1896541' id='mega-menu-item-1896541'><a target="_blank" class="mega-menu-link" href="https://securityboulevard.com/">Security Boulevard</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1896542' id='mega-menu-item-1896542'><a target="_blank" class="mega-menu-link" href="https://techstrongresearch.com/">Techstrong Research</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1896543' id='mega-menu-item-1896543'><a target="_blank" class="mega-menu-link" href="https://techstrong.tv/">Techstrong TV</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1896549' id='mega-menu-item-1896549'><a target="_blank" class="mega-menu-link" href="https://soundcloud.com/devopschat">Devops Chat</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1896544' id='mega-menu-item-1896544'><a target="_blank" class="mega-menu-link" href="https://devopsdozen.com/">DevOps Dozen</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-menu-item-1896550' id='mega-menu-item-1896550'><a target="_blank" class="mega-menu-link" href="https://www.youtube.com/channel/UC-zcE077X98oTEDPwKkDQxQ">DevOps TV</a></li></ul>
</li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-align-bottom-left mega-menu-flyout mega-hide-sub-menu-on-mobile mega-menu-item-1836265' id='mega-menu-item-1836265'><a target="_blank" class="mega-menu-link" href="https://techstronggroup.com/assets/techstrong-media-kit.pdf" tabindex="0">Media Kit</a></li><li class='mega-menu-item mega-menu-item-type-post_type mega-menu-item-object-page mega-align-bottom-left mega-menu-flyout mega-menu-item-1896539' id='mega-menu-item-1896539'><a class="mega-menu-link" href="https://securityboulevard.com/about/" tabindex="0">About Us</a></li><li class='mega-menu-item mega-menu-item-type-custom mega-menu-item-object-custom mega-align-bottom-left mega-menu-flyout mega-menu-item-1940750' id='mega-menu-item-1940750'><a class="mega-menu-link" href="https://techstronggroup.com/tellmemore/" tabindex="0">Sponsor</a></li></ul></div> </nav>
</div>
<div id="header-right-section">
<div id="header-right-sidebar" class="clearfix">
<aside id="custom_html-9" class="widget_text widget widget_custom_html clearfix"><div class="textwidget custom-html-widget">
<div id='div-gpt-ad-1503669457440-0' style='text-align: center;'>
<script type="a013c9d52a0a1157690516e6-text/javascript">
googletag.cmd.push(function() { googletag.display('div-gpt-ad-1503669457440-0'); });
</script>
</div></div></aside> </div>
</div>
</div>
</div>
<nav id="site-navigation" class="main-navigation clearfix" role="navigation">
<div class="inner-wrap clearfix">
<h4 class="menu-toggle"></h4>
<div class="menu-primary-container"><ul id="menu-sbn" class="menu"><li id="menu-item-1354905" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1354905"><a href="https://securityboulevard.com/security-analytics/">Analytics</a></li>
<li id="menu-item-1354898" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1354898"><a href="https://securityboulevard.com/application-security/">AppSec</a></li>
<li id="menu-item-1354901" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1354901"><a href="https://securityboulevard.com/ciso-suite">CISO</a></li>
<li id="menu-item-1354899" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1354899"><a href="https://securityboulevard.com/cloud-security/">Cloud</a></li>
<li id="menu-item-1354900" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1354900"><a href="https://securityboulevard.com/devops/">DevOps</a></li>
<li id="menu-item-1585472" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1585472"><a href="https://securityboulevard.com/governance-risk-compliance">GRC</a></li>
<li id="menu-item-1709334" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1709334"><a href="https://securityboulevard.com/identity-management">Identity</a></li>
<li id="menu-item-1354903" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1354903"><a href="https://securityboulevard.com/incident-response/">Incident Response</a></li>
<li id="menu-item-1354902" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1354902"><a href="https://securityboulevard.com/iot-ics-security/">IoT / ICS</a></li>
<li id="menu-item-1354904" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1354904"><a href="https://securityboulevard.com/threats-breaches/">Threats / Breaches</a></li>
<li id="menu-item-1585471" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-home menu-item-has-children menu-item-1585471"><a href="https://securityboulevard.com">More</a>
<ul class="sub-menu">
<li id="menu-item-1759535" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-1759535"><a href="https://securityboulevard.com/blockchain-digital-currency-bitcoin/">Blockchain / Digital Currencies</a></li>
<li id="menu-item-1585476" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1585476"><a href="https://securityboulevard.com/careers">Careers</a></li>
<li id="menu-item-1585475" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1585475"><a href="https://securityboulevard.com/cyberlaw">Cyberlaw</a></li>
<li id="menu-item-1585473" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1585473"><a href="https://securityboulevard.com/mobile-security">Mobile</a></li>
<li id="menu-item-1585474" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1585474"><a href="https://securityboulevard.com/social-engineering">Social Engineering</a></li>
</ul>
</li>
<li id="menu-item-1799594" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1799594"><a href="https://securityboulevard.com/humor">Humor</a></li>
</ul></div> <i class="fa fa-search search-top"></i>
<div class="search-form-top">
<form action="https://securityboulevard.com/" class="search-form searchform clearfix" method="get">
<div class="search-wrap">
<input type="text" placeholder="Search" class="s field" name="s">
<button class="search-icon" type="submit"></button>
</div>
</form>
</div>
</div>
</nav>
</div>
</header>
<div id="main" class="clearfix">
<div class="inner-wrap clearfix">
<div id="primary">
<div id="content" class="clearfix">
<article id="post-1879181" class="post-1879181 post type-post status-publish format-standard hentry category-sbn tag-c2 tag-corelight-labs tag-http tag-intezer tag-linux tag-redxor tag-zeek">
<div class="a2a_kit a2a_kit_size_32 a2a_floating_style a2a_vertical_style" style="margin-left:-100px;background-color:transparent"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2021%2F04%2Fdetect-c2-redxor-with-state-based-functionality%2F&amp;linkname=Detect%20C2%20%E2%80%98RedXOR%E2%80%99%20with%20state-based%20functionality%20-%20Security%20Boulevard" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2021%2F04%2Fdetect-c2-redxor-with-state-based-functionality%2F&amp;linkname=Detect%20C2%20%E2%80%98RedXOR%E2%80%99%20with%20state-based%20functionality%20-%20Security%20Boulevard" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2021%2F04%2Fdetect-c2-redxor-with-state-based-functionality%2F&amp;linkname=Detect%20C2%20%E2%80%98RedXOR%E2%80%99%20with%20state-based%20functionality%20-%20Security%20Boulevard" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2021%2F04%2Fdetect-c2-redxor-with-state-based-functionality%2F&amp;linkname=Detect%20C2%20%E2%80%98RedXOR%E2%80%99%20with%20state-based%20functionality%20-%20Security%20Boulevard" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2021%2F04%2Fdetect-c2-redxor-with-state-based-functionality%2F&amp;linkname=Detect%20C2%20%E2%80%98RedXOR%E2%80%99%20with%20state-based%20functionality%20-%20Security%20Boulevard" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div>
<div class="article-content clearfix">
<div class="above-entry-meta"><span class="cat-links"><a href="https://securityboulevard.com/category/sbn/" rel="category tag">Security Bloggers Network</a>&nbsp;</span></div>
<header class="entry-header">
<p id="breadcrumbs"><span><span><a href="https://securityboulevard.com/">Home</a> » <span><a href="https://securityboulevard.com/category/sbn/">Security Bloggers Network</a> » <span class="breadcrumb_last" aria-current="page">Detect C2 ‘RedXOR’ with state-based functionality</span></span></span></span></p>
<img style='position:relative;top:4px;left:0px;bottom:2px;width: 35px;' alt='SBN' src='https://securityboulevard.com/wp-content/uploads/2017/09/SBNIcon4_512px.png'>
<h1 class="entry-title">
Detect C2 ‘RedXOR’ with state-based functionality </h1>
</header>
<div class="below-entry-meta">
<img alt='' src='https://secure.gravatar.com/avatar/2ae600ea057f303907c68ed1ff8d2f89?s=32&#038;d=mm&#038;r=g' srcset='https://secure.gravatar.com/avatar/2ae600ea057f303907c68ed1ff8d2f89?s=64&#038;d=mm&#038;r=g 2x' class='avatar avatar-32 photo' height='32' width='32' loading='lazy' /> <span class="sbyline"><span class="author vcard"> <a class="url fn n" href="https://securityboulevard.com/author/ben-reardon/"><span class='jcolor'>by</span> Ben Reardon <span class='jcolor'>on</span> April 20, 2021</a></span></span>
</div>
<div class="entry-content clearfix">
<p><strong>By Ben Reardon, Corelight Security Researcher</strong></p>
<p>Recently a very interesting Linux-based command-and-control (C2) malware was<a href="https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/"> </a><strong><a rel="noreferrer noopener" href="https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/">described by the research team at Intezer</a></strong>. As usual there is a set of simple network-based IOCs in the form of domains and IPs that organizations can search against their Zeek dns.log, http.log and conn.log. Using <strong><a rel="noreferrer noopener" href="https://zeek.org/">Zeek</a></strong>, detecting this threat at a deeper layer is also relatively straightforward, and this C2 provides a good demonstration of how to use Zeek’s ability to extensively track state to augment simple IOC-based logic.</p><div class='code-block code-block-5' style='margin: 8px 0; clear: both;'>
<div class="custom-ad">
<div style="margin: auto; text-align: center;"><a href="https://www.techstrongevents.com/devopsexperience22?ref=in-article-ad&utm_source=Security+Boulevard&utm_medium=Referral&utm_campaign=in-article-ad" target="_blank"><img src="https://devops.com/wp-content/uploads/2022/09/Banner_770x330.png" alt="DevOps Experience 2022"></a><a href="https://techstronggroup.com/tellmemore/?ref=in-article-ad&utm_source=Security+Boulevard&utm_medium=Referral&utm_campaign=in-article-ad" style="background: #F1060B;color: #fff;display: block;padding: 8px;margin-top: -4px;">Sponsorships Available</a></div>
<div class="clear-custom-ad"></div>
</div></div>
<p>The ability to create behavioral-based detections &#8211; such as the state-based detection as described in this blog &#8211; is a powerful option because threat actors can easily change traditional IOC factors (e.g IP address, URL and domain names) which results in simpler IOC-based detections failing. Another benefit of using lower level behavioral detection logic is they are vastly less prone to false positive detections.&nbsp;</p>
<p>Let’s start with a few interesting points about this malware:</p>
<h3>Linux-based malware</h3>
<p>The implant is specifically designed for Linux systems, having been compiled on a legacy compiler which is the default on <strong><a href="https://en.wikipedia.org/wiki/Red_Hat_Enterprise_Linux" rel="noreferrer noopener">RHEL6</a></strong> &#8211; this may be of interest to those in threat intelligence and perhaps those seeking attribution, but is not further relevant to this detection.</p>
<h3>HTTP C2</h3>
<p>This malware, like many others, uses HTTP as a C2 channel. While modern C2/exfiltration traffic is often encrypted, it’s not always being sent over HTTPS. “Pre-encrypted” data can be sent using POSTs over HTTP. While we certainly have other tools to help shine a light on encrypted network traffic, we should not neglect good old HTTP analysis &#8211; even today.&nbsp;</p>
<p>RedXOR payloads and exfiltration can be decoded with enough effort, as shown in Intezer’s research. However we don’t have to rely on the payload being decoded, we can treat RedXOR as yet another example of malware “pre-encrypting” data and then sending that encrypted data as HTTP &#8211; for example, as Emotet does <strong><a href="https://www.virusbulletin.com/virusbulletin/2019/10/vb2019-paper-exploring-emotet-elaborate-everyday-enigma/" rel="noreferrer noopener">[1]</a></strong> <strong><a href="https://www.cert.pl/en/posts/2017/05/analysis-of-emotet-v4/" rel="noreferrer noopener">[2]</a></strong>.</p>
<h3>Detection Logic</h3>
<p>The C2 sends commands to the implant within HTTP cookies. For the purpose of this detection, we will focus solely on commands used in the registration of the C2 implant (highlighted below).</p>
<figure class="wp-block-image size-large is-resized"><a href="https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/" rel="noopener"><img loading="lazy" src="https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-15-at-2.25.13-PM.png" alt="" class="wp-image-1708" width="697" height="468" /></a></figure>
<p>The detection logic we use in this demonstration involves looking for a consecutive pattern of cookie transactions between the Implant and the C2 as follows:</p>
<figure class="wp-block-image size-large is-resized"><img loading="lazy" src="https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-15-at-2.27.07-PM.png" alt="" class="wp-image-1709" width="680" height="296" /></figure>
</p>
<figure class="wp-block-image size-large is-resized"><img loading="lazy" src="https://corelight.blog/wp-content/uploads/2021/04/C2.png" alt="" class="wp-image-1710" width="736" height="559" /></figure>
<p>This series of cookies indicates an initial infection. We can use similar state-based logic for other cookie values that represent the various commands that may run subsequent to infection.</p>
<h3>Using Zeek statefully to implement the detection logic</h3>
<p>Zeek is an event-based engine, which means Zeek runs particular code only when it sees an associated network event occur. In our case we are interested in inspecting HTTP cookies, and these are passed within HTTP headers. The most relevant Zeek event is <strong><a href="https://docs.zeek.org/en/current/scripts/base/bif/plugins/Zeek_HTTP.events.bif.zeek.html#id-http_all_headers" rel="noreferrer noopener">http_all_headers</a></strong>. This event provides us a mime_header_list called hlist. We simply need to fish out the cookie component from mime_header_list by referencing the correct element, and then check whether what we find is the next in the sequence we are looking for. This is the only Zeek event required to detect this threat.&nbsp;</p>
<div class="wp-block-image">
<figure class="aligncenter size-large is-resized"><img loading="lazy" src="https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-20-at-3.02.40-PM.png" alt="" class="wp-image-1725" width="559" height="86" /></figure>
</div>
<p>We have heavily commented the script itself (<strong><a href="https://github.com/corelight/redxor" rel="noreferrer noopener">https://github.com/corelight/redxor</a></strong>) to explain the logic at a low level, and we&#8217;ll also cover a few key points here.</p>
<p>The script creates a state-keeping variable and attaches it to each HTTP connection. It is aptly called <code>c$http_state$redxor_cookies_seen_so_far</code> and it keeps track of how many matching cookies we’ve seen so far in that connection. When it reaches five we know that we’ve seen all five cookies in the correct order and we raise a “notice” in notice.log.</p>
<p>Keen reviewers of the code may note that a proxy can potentially add and even reorder headers, and so the cookie won’t also be in the same location. This can be readily accounted for by cycling through each element of the header list to find the cookie header. However so as not to over-complicate this demonstration, let’s assume that the headers are not re-ordered.&nbsp;</p>
<p>Since all the pieces required for this detection exist in the same TCP connection, they all share the same Zeek uid, which has two important consequences:</p>
<ul>
<li>We can use the variable <code>c$http$trans_depth</code> to determine how far into the HTTP connection we are. There are two header lists per trans_depth &#8211; one from client and one from server. Since we are only looking for the first five cookies, these will be contained in the first three trans_depth as shown below.</li>
</ul>
<figure class="wp-block-image size-large is-resized"><img loading="lazy" src="https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-15-at-2.53.28-PM.png" alt="" class="wp-image-1711" width="673" height="275" /></figure>
<ul>
<li>We also don’t need to consider support for clustered environments, since all artifacts will have the same uid, and thus the same worker will handle them. Making efficient stateful detections in clustered environments requires a surprisingly nuanced layer of logic to account for streams traversing different workers, as well as latency issues that may arise in such a distributed system. Perhaps this is a good topic for a future malware detection demonstration.&nbsp;&nbsp;</li>
</ul>
<h3>Having performance in mind</h3>
<p>In a busy network with a lot of HTTP headers, http_all_headers will occur a great deal, so it’s helpful to look at some tactics to ensure that the script doesn’t waste resources. A good reference for performance tuning is the <strong><a href="https://zeek.org/2019/11/13/zeekweek-2019-summary-and-slides/" rel="noreferrer noopener">“Profiling in Production” presentation by Corelight’s Justin Azoff at ZeekWeek 2019</a></strong>. Note that I’m not an expert at Zeek performance, and I’ve only learned some of these things the hard way and with expert advice from fellow Corelighters &#8211; so I’ll share some of the things that have become part of my workflow as I build out a detection like this:</p>
<ul>
<li>Look for reasons why an HTTP event is <em>not</em> relevant and use this as the first piece of logic that can be applied to release Zeek’s resources by returning from the event handler. For example, if the HTTP method is <em>not</em> “POST”, then <strong>return</strong> straight away. We are only interested in the POST method, not GET or any other method.</li>
</ul>
<div class="wp-block-image">
<figure class="aligncenter size-large is-resized"><img loading="lazy" src="https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-20-at-2.53.50-PM.png" alt="" class="wp-image-1720" width="582" height="45" /></figure>
</div>
<ul>
<li>Since the server header contains four items and the client contains five items, if the header we are examining does not contain <em>at least four items</em>, there’s no need to look further because this header is too short. Apart from performance, you also need to consider what would happen if you reference a particular element (in our case the fourth element) of the header list. If the header list doesn’t contain &gt;4 items, you’ll get runtime errors.&nbsp;</li>
</ul>
<div class="wp-block-image">
<figure class="aligncenter size-large is-resized"><img loading="lazy" src="https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-20-at-2.54.05-PM.png" alt="" class="wp-image-1721" width="597" height="48" /></figure>
</div>
<ul>
<li>Return from the script as soon as you have found the artifact of interest. This sounds obvious, but can sometimes be nuanced. For instance if we have found a match for the client/implant’s cookie in this header list, then there is no need to check that list again for server cookies &#8211; just return straight away.</li>
</ul>
<div class="wp-block-image">
<figure class="aligncenter size-large is-resized"><img loading="lazy" src="https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-20-at-2.57.16-PM.png" alt="" class="wp-image-1722" width="579" height="131" /></figure>
</div>
<ul>
<li>Put a tight bound on your search logic. In this case, we know that all cookies will be contained within the first three client/server header lists. This means if<code> trans_depth &gt; 3</code> we can return straight away. This is important because a lot of HTTP sessions have high cardinality here. This is also not an aspect that surfaces easily during script testing on a small pcap &#8211; it’s often only when you run the script at scale that these issues will arise, so it’s a good habit to put bounds checking into your script development mindset.</li>
</ul>
<div class="wp-block-image">
<figure class="aligncenter size-large is-resized"><img loading="lazy" src="https://corelight.blog/wp-content/uploads/2021/04/Screen-Shot-2021-04-20-at-2.57.56-PM.png" alt="" class="wp-image-1723" width="652" height="53" /></figure>
</div>
<ul>
<li><strong>Efficacy vs efficiency </strong>: Changing to a less intuitive logic flow in the pursuit of optimal <strong><em>efficiency</em></strong> (i.e the detection logic uses a minimal amount of resources) could potentially have a positive OR negative effect on <strong><em>efficacy</em></strong> (ie. the detection logic detects as expected).&nbsp;</li>
</ul>
<p>Having a super-performing script that misses your pathological case because a logic bug snuck in while you were performance-tuning to the nth degree isn’t the goal! Making things more efficient at the expense of readability, simplicity and workability is a balancing act in my humble opinion.&nbsp;</p>
<ul>
<li>Test your script on<em> real-world traffic</em> with as much volume and variety as you can.&nbsp;
<ul>
<li>Assume there are benign edge cases that will cause false positives, and that you just need to find them. Our experience is that there are almost always such cases, and fine-tuning your detection is not the main issue, the hard part is just <em>finding</em> the edge cases.&nbsp;&nbsp;&nbsp;</li>
<li>Assume there will be circumstances that make your script over-utilize the resources. Try to guard against these, and test at production volumes.</li>
</ul>
</li>
</ul>
<h3>Summary</h3>
<p>There are various other ways to detect this malware with Zeek, and we build detections like this into the Corelight <strong><a href="https://corelight.com/products/collections" rel="noreferrer noopener">C2 collection</a></strong>. This script has been prepared as a tutorial-style demonstration of one such technique, as it highlights how Zeek&#8217;s state keeping can be used as a fairly intuitive and practical way to detect modern C2 malware, as well as demonstrating some performance issues to keep in mind when writing Zeek scripts yourself.&nbsp;</p>
<p>Credit to Intezer for their research on RedXOR and their collaboration with us at Corelight.&nbsp; Refer to this writeup for a low level description of the malware:</p>
<p><strong><a href="https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/" rel="noreferrer noopener">https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/</a></strong><a href="https://www.intezer.com/blog/malware-analysis/new-linux-backdoor-redxor-likely-operated-by-chinese-nation-state-actor/">.</a></p>
<p>The script was prepared from an <em>abstraction</em> of the actual pcap (which could not be shared in its native format due to sensitive information contained within). This abstraction was prepared by the Intezer Research team and shared with Corelight Labs for the purpose of writing this demonstration.&nbsp;</p>
<p>#Linux #C2 #RedXOR #HTTP</p>
<p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://corelight.blog">Bright Ideas Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Ben Reardon">Ben Reardon</a>. Read the original post at: <a href="https://corelight.blog/2021/04/20/detect-c2-redxor-with-state-based-functionality/">https://corelight.blog/2021/04/20/detect-c2-redxor-with-state-based-functionality/</a> </p>
</div>
<div class="below-entry-meta">
<div class="below-entry-meta">
<span class="posted-on"><a href="https://securityboulevard.com/2021/04/detect-c2-redxor-with-state-based-functionality/" title="10:00 am" rel="bookmark"><i class="fa fa-calendar-o"></i> <time class="entry-date published" datetime="2021-04-20T10:00:00-04:00">April 20, 2021</time><time class="updated" datetime="2021-04-20T10:00:00-04:00">April 20, 2021</time></a></span>
<span class="byline"><span class="author vcard"><i class="fa fa-user"></i><a class="url fn n" href="https://securityboulevard.com/author/ben-reardon/" title="Ben Reardon">Ben Reardon</a></span></span>
<span class="tag-links"><i class="fa fa-tags"></i><a href="https://securityboulevard.com/tag/c2/" rel="tag">C2</a>, <a href="https://securityboulevard.com/tag/corelight-labs/" rel="tag">Corelight Labs</a>, <a href="https://securityboulevard.com/tag/http/" rel="tag">http</a>, <a href="https://securityboulevard.com/tag/intezer/" rel="tag">Intezer</a>, <a href="https://securityboulevard.com/tag/linux/" rel="tag">Linux</a>, <a href="https://securityboulevard.com/tag/redxor/" rel="tag">RedXOR</a>, <a href="https://securityboulevard.com/tag/zeek/" rel="tag">Zeek</a></span></div> </div>


</div>
<div class="entry-content clearfix">
</div>
</article>
<script type="a013c9d52a0a1157690516e6-text/javascript">window.dataLayer = window.dataLayer || [];
window.dataLayer.push({
    'event' : 'article-milestone',
    'article_title': 'Detect C2 ‘RedXOR’ with state-based functionality'

});
			</script>
</div>
<ul class="default-wp-page clearfix">
<li class="previous"><a href="https://securityboulevard.com/2021/04/pulse-connect-secure-security-update/" rel="prev"><span class="meta-nav">&larr;</span> Pulse Connect Secure Security Update</a></li>
<li class="next"><a href="https://securityboulevard.com/2021/04/welcome-to-whitesource-diffend/" rel="next">Welcome to WhiteSource, Diffend! <span class="meta-nav">&rarr;</span></a></li>
</ul>
</div>
<div id="secondary">
<aside id="custom_html-36" class="widget_text widget widget_custom_html clearfix"><h3 class="widget-title"><span>Techstrong TV &#8211; Live</span></h3><div class="textwidget custom-html-widget"><div style="padding:56.25% 0 0 0;position:relative;"><iframe src="https://vimeo.com/event/1622487/embed?muted=1" frameborder="0" allow="autoplay; fullscreen" allowfullscreen style="position:absolute;top:0;left:0;width:100%;height:100%;"></iframe></div><div style="font-style:italic;font-size: 12px;text-align:center;">Click full-screen to enable volume control</div>
<center><a href="https://digitalanarchist.com/">Watch latest episodes and shows</a> </center></div></aside><aside id="custom_html-29" class="widget_text widget widget_custom_html clearfix"><h3 class="widget-title"><span>Subscribe to our Newsletters</span></h3><div class="textwidget custom-html-widget"><div class="sue-panel" data-url="" data-target="self" style="background-color:#6190bb;color:#fff;border-radius:0px;-moz-border-radius:0px;-webkit-border-radius:0px;box-shadow:0px;-moz-box-shadow:0px;-webkit-box-shadow:0px;border:0"><div class="sue-panel-content sue-content-wrap" style="padding:15px;text-align:center">
<script charset="utf-8" type="a013c9d52a0a1157690516e6-text/javascript" src="//js.hsforms.net/forms/v2.js"></script>
<script type="a013c9d52a0a1157690516e6-text/javascript">
  hbspt.forms.create({
    region: "na1",
    portalId: "1628905",
    formId: "4b9a2bbd-665c-447b-81df-233280dc689e"
  });
</script>
</div></div>
</div></aside><aside class='widget_text widget widget_custom_html clearfix new-html-widget new-popular-widget'>
<h3 class='widget-title'>
<span>Most Read on the Boulevard</span>
</h3>
<div class='textwidget custom-html-widget'><div class='pop-div'><a href='https://securityboulevard.com/2022/10/linux-5-bugs-wi-fi-richixbw/'>Linux Fixes 5 Gaping Holes in Wi-Fi</a></div><div class='pop-div'><a href='https://securityboulevard.com/2022/10/how-brand-protection-can-address-the-risk-of-gan-deepfakes/'>How Brand Protection Can Address the Risk of GAN Deepfakes</a></div><div class='pop-div'><a href='https://securityboulevard.com/2022/10/defend-your-it-environment-from-living-off-the-land-lol-techniques/'>Defend Your IT Environment from Living-Off-the-Land (LOL) Techniques</a></div><div class='pop-div'><a href='https://securityboulevard.com/2022/10/vmware-research-uncovers-evolving-nature-of-emotet-malware/'>VMware Research Uncovers Evolving Nature of Emotet Malware</a></div><div class='pop-div'><a href='https://securityboulevard.com/2022/10/api-security-primer-and-best-practices-for-2023/'>API Security Primer and Best Practices for 2023</a></div><div class='pop-div'><a href='https://securityboulevard.com/2022/10/device-identity-and-posture-carta-vs-caep/'>Device Identity and Posture: CARTA vs. CAEP</a></div><div class='pop-div'><a href='https://securityboulevard.com/2022/10/tldr-of-tag-cyber-and-sonrai-security%ef%bf%bc/'>TL;DR of TAG Cyber and Sonrai Security￼</a></div><div class='pop-div'><a href='https://securityboulevard.com/2022/10/new-microsoft-exchange-server-zero-day-vulnerabilities/'>New Microsoft Exchange Server Zero-Day Vulnerabilities</a></div><div class='pop-div'><a href='https://securityboulevard.com/2022/10/it-risk-management-how-to-get-started-with-risk-frameworks/'>IT Risk Management: How to Get Started with Risk Frameworks</a></div><div class='pop-div'><a href='https://securityboulevard.com/2022/10/cybersecurity-issues-in-healthcare-recent-trends-and-solution/'>Cybersecurity Issues in Healthcare: Recent Trends and Solution</a></div></div></aside><aside class='widget_text widget widget_custom_html clearfix new-html-widget'>
<h3 class='widget-title'>
<span><a href='http://www.securityboulevard.com/events/category/webinar/'>Upcoming Webinars <i class='fa fa-angle-double-right' aria-hidden='true'></i></a></span>
</h3>
<div class='textwidget custom-html-widget'>

<div class="type-tribe_events post-1938152 tribe-clearfix tribe-events-venue-1758430 tribe-events-organizer-1346924">
<div class="tribe-mini-calendar-event event--1 ">
<div class="list-date">
<span class="list-dayname">
Wed </span>
<span class="list-daynumber">19</span>
</div>
<div class="list-info">
<h2 class="tribe-events-title">
<a href="https://securityboulevard.com/webinars/secrets-management-and-devsecops-an-enterprise-maturity-model/" rel="bookmark">Secrets Management and DevSecOps: An Enterprise Maturity Model</a>
</h2>
<div class="tribe-events-duration">
<span class="tribe-event-date-start">October 19 @ 1:00 pm</span> - <span class="tribe-event-time">2:00 pm</span> </div>

</div>
</div> 
</div>

<div class="type-tribe_events post-1939841 tribe-clearfix tribe-events-venue-1758430 tribe-events-organizer-1346924">
<div class="tribe-mini-calendar-event event--1 ">
<div class="list-date">
<span class="list-dayname">
Wed </span>
<span class="list-daynumber">26</span>
</div>
<div class="list-info">
<h2 class="tribe-events-title">
<a href="https://securityboulevard.com/webinars/zero-effort-zero-trust-for-blocking-zero-days-in-kubernetes/" rel="bookmark">Zero-Effort Zero-Trust for Blocking Zero-Days in Kubernetes</a>
</h2>
<div class="tribe-events-duration">
<span class="tribe-event-date-start">October 26 @ 11:00 am</span> - <span class="tribe-event-time">12:00 pm</span> </div>

</div>
</div> 
</div>

<div class="type-tribe_events post-1940030 tribe-clearfix tribe-events-venue-1758430 tribe-events-organizer-1346924">
<div class="tribe-mini-calendar-event event--1 ">
<div class="list-date">
<span class="list-dayname">
Wed </span>
<span class="list-daynumber">26</span>
</div>
<div class="list-info">
<h2 class="tribe-events-title">
<a href="https://securityboulevard.com/webinars/zero-effort-zero-trust-for-blocking-zero-days-in-kubernetes-2/" rel="bookmark">Zero-Effort Zero-Trust for Blocking Zero-Days in Kubernetes</a>
</h2>
<div class="tribe-events-duration">
<span class="tribe-event-date-start">October 26 @ 11:00 am</span> - <span class="tribe-event-time">12:00 pm</span> </div>

</div>
</div> 
</div>

<div class="type-tribe_events post-1940525 tribe-clearfix tribe-events-venue-1758430 tribe-events-organizer-1346924">
<div class="tribe-mini-calendar-event event--1 ">
<div class="list-date">
<span class="list-dayname">
Nov </span>
<span class="list-daynumber">03</span>
</div>
<div class="list-info">
<h2 class="tribe-events-title">
<a href="https://securityboulevard.com/webinars/debunking-the-stupid-user-myth-in-security/" rel="bookmark">Debunking the &#8216;Stupid User&#8217; Myth in Security</a>
</h2>
<div class="tribe-events-duration">
<span class="tribe-event-date-start">November 3 @ 3:00 pm</span> - <span class="tribe-event-time">4:00 pm</span> </div>

</div>
</div> 
</div>

<div class="type-tribe_events post-1940883 tribe-clearfix tribe-events-venue-1758430 tribe-events-organizer-1346924">
<div class="tribe-mini-calendar-event event--1 ">
<div class="list-date">
<span class="list-dayname">
Nov </span>
<span class="list-daynumber">10</span>
</div>
<div class="list-info">
<h2 class="tribe-events-title">
<a href="https://securityboulevard.com/webinars/debunking-common-myths-about-xdr/" rel="bookmark">Debunking Common Myths About XDR</a>
</h2>
<div class="tribe-events-duration">
<span class="tribe-event-date-start">November 10 @ 1:00 pm</span> - <span class="tribe-event-time">2:00 pm</span> </div>

</div>
</div> 
</div>

<div class="type-tribe_events post-1941417 tribe-clearfix tribe-events-venue-1758430 tribe-events-organizer-1346924">
<div class="tribe-mini-calendar-event event--1 ">
<div class="list-date">
<span class="list-dayname">
Nov </span>
<span class="list-daynumber">15</span>
</div>
<div class="list-info">
<h2 class="tribe-events-title">
<a href="https://securityboulevard.com/webinars/unleashing-the-value-of-all-log-data-2/" rel="bookmark">Unleashing the Value of All Log Data</a>
</h2>
<div class="tribe-events-duration">
<span class="tribe-event-date-start">November 15 @ 3:00 pm</span> - <span class="tribe-event-time">4:00 pm</span> </div>

</div>
</div> 
</div>

<div class="type-tribe_events post-1941745 tribe-clearfix tribe-events-venue-1758430 tribe-events-organizer-1346924">
<div class="tribe-mini-calendar-event event--1 ">
<div class="list-date">
<span class="list-dayname">
Nov </span>
<span class="list-daynumber">16</span>
</div>
<div class="list-info">
<h2 class="tribe-events-title">
<a href="https://securityboulevard.com/webinars/understanding-sboms-a-practical-guide-to-implementing-nist-cisas-software-bill-of-materials-sbom-requirements/" rel="bookmark">Understanding SBOMs: A Practical Guide to Implementing NIST/CISA’s Software Bill of Materials (SBOM) Requirements</a>
</h2>
<div class="tribe-events-duration">
<span class="tribe-event-date-start">November 16 @ 1:00 pm</span> - <span class="tribe-event-time">2:00 pm</span> </div>

</div>
</div> 
</div>
<p class="tribe-events-widget-link">
<a href="https://securityboulevard.com/webinars/" rel="bookmark">
More Webinars </a>
</p>
<script type="application/ld+json">
[{"@context":"http://schema.org","@type":"Event","name":"Secrets Management and DevSecOps: An Enterprise Maturity Model","description":"&lt;p&gt;During this webinar, Mackenzie Jackson, developer advocate at GitGuardian, will discuss this model in detail, highlight the benefits of automated secrets detection and remediation and describe how these can be used to infuse security into development workflows.&lt;/p&gt;\\n","image":"https://securityboulevard.com/wp-content/uploads/2022/09/2022.10.19-GitGuardian-SB_landing_page_770x330.png","url":"https://securityboulevard.com/webinars/secrets-management-and-devsecops-an-enterprise-maturity-model/","startDate":"2022-10-19T13:00:00-04:00","endDate":"2022-10-19T14:00:00-04:00","location":{"@type":"Place","name":"Live Webinar","description":"","url":"https://securityboulevard.com/venue/live-webinar/","address":{"@type":"PostalAddress","addressLocality":"Boca Raton","addressRegion":"FL","addressCountry":"United States"},"geo":{"@type":"GeoCoordinates","latitude":26.368306400000002,"longitude":-80.1289321},"telephone":"","sameAs":"https://securityboulevard.com/webinars/"},"organizer":{"@type":"Person","name":"Security Boulevard","description":"","url":"https://securityboulevard.com","telephone":"","email":"&#119;ebinar&#115;&#64;se&#99;urit&#121;&#98;o&#117;&#108;&#101;va&#114;&#100;.c&#111;&#109;","sameAs":"https://securityboulevard.com"},"performer":"Organization"},{"@context":"http://schema.org","@type":"Event","name":"Zero-Effort Zero-Trust for Blocking Zero-Days in Kubernetes","description":"&lt;p&gt;Continuous Testing is an established practice within Continuous Delivery, where testing and quality are embedded through every phase of the software delivery lifecycle - from planning to production. For testing to be truly continuous, all of its sub-processes \u2013 such as test definition and automation, service virtualization, test data management, analytics and orchestration - must..&lt;/p&gt;\\n","image":"https://securityboulevard.com/wp-content/uploads/2022/09/2022.10.26-SUSE-SB_landing_page_770x330.png","url":"https://securityboulevard.com/webinars/zero-effort-zero-trust-for-blocking-zero-days-in-kubernetes/","startDate":"2022-10-26T11:00:00-04:00","endDate":"2022-10-26T12:00:00-04:00","location":{"@type":"Place","name":"Live Webinar","description":"","url":"https://securityboulevard.com/venue/live-webinar/","address":{"@type":"PostalAddress","addressLocality":"Boca Raton","addressRegion":"FL","addressCountry":"United States"},"geo":{"@type":"GeoCoordinates","latitude":26.368306400000002,"longitude":-80.1289321},"telephone":"","sameAs":"https://securityboulevard.com/webinars/"},"organizer":{"@type":"Person","name":"Security Boulevard","description":"","url":"https://securityboulevard.com","telephone":"","email":"w&#101;&#98;i&#110;a&#114;s&#64;&#115;&#101;&#99;u&#114;&#105;t&#121;&#98;&#111;u&#108;&#101;&#118;&#97;&#114;&#100;&#46;com","sameAs":"https://securityboulevard.com"},"performer":"Organization"},{"@context":"http://schema.org","@type":"Event","name":"Zero-Effort Zero-Trust for Blocking Zero-Days in Kubernetes","description":"&lt;p&gt;\u00a0Learn how to define and enforce zero-trust segmentation for network, processes and file access within any Kubernetes cluster without impacting performance. We\\'ll compare traditional, deny list-based security controls against modern, zero-trust allow list-based controls followed by a demonstration of how zero-trust can protect against zero-day attacks as well as exploits such as Log4j and Spring4shell.&lt;/p&gt;\\n","image":"https://securityboulevard.com/wp-content/uploads/2022/09/2022.10.26-SUSE-SB_landing_page_770x330-1.png","url":"https://securityboulevard.com/webinars/zero-effort-zero-trust-for-blocking-zero-days-in-kubernetes-2/","startDate":"2022-10-26T11:00:00-04:00","endDate":"2022-10-26T12:00:00-04:00","location":{"@type":"Place","name":"Live Webinar","description":"","url":"https://securityboulevard.com/venue/live-webinar/","address":{"@type":"PostalAddress","addressLocality":"Boca Raton","addressRegion":"FL","addressCountry":"United States"},"geo":{"@type":"GeoCoordinates","latitude":26.368306400000002,"longitude":-80.1289321},"telephone":"","sameAs":"https://securityboulevard.com/webinars/"},"organizer":{"@type":"Person","name":"Security Boulevard","description":"","url":"https://securityboulevard.com","telephone":"","email":"webi&#110;&#97;&#114;&#115;&#64;sec&#117;rity&#98;o&#117;l&#101;vard&#46;c&#111;m","sameAs":"https://securityboulevard.com"},"performer":"Organization"},{"@context":"http://schema.org","@type":"Event","name":"Debunking the &#8216;Stupid User&#8217; Myth in Security","description":"&lt;p&gt;Join Duke University Professor of Psychology &amp; Neuroscience, Dr. Aaron C. Kay and Nudge Security CEO and co-founder Russell Spitler as they present new research on how human emotion influences security behavior and what CISOs can do to improve compliance with security controls in the modern, distributed workplace.&lt;/p&gt;\\n","image":"https://securityboulevard.com/wp-content/uploads/2022/10/2022.11.03-Nudge-Security-SB_landing_page_-1540-\u00d7-660.png","url":"https://securityboulevard.com/webinars/debunking-the-stupid-user-myth-in-security/","startDate":"2022-11-03T15:00:00-04:00","endDate":"2022-11-03T16:00:00-04:00","location":{"@type":"Place","name":"Live Webinar","description":"","url":"https://securityboulevard.com/venue/live-webinar/","address":{"@type":"PostalAddress","addressLocality":"Boca Raton","addressRegion":"FL","addressCountry":"United States"},"geo":{"@type":"GeoCoordinates","latitude":26.368306400000002,"longitude":-80.1289321},"telephone":"","sameAs":"https://securityboulevard.com/webinars/"},"organizer":{"@type":"Person","name":"Security Boulevard","description":"","url":"https://securityboulevard.com","telephone":"","email":"webi&#110;&#97;rs&#64;se&#99;&#117;&#114;ity&#98;oul&#101;&#118;ar&#100;&#46;c&#111;&#109;","sameAs":"https://securityboulevard.com"},"performer":"Organization"},{"@context":"http://schema.org","@type":"Event","name":"Debunking Common Myths About XDR","description":"&lt;p&gt;This session will walk through some generally accepted value statements associated with XDR while attempting to debunk a few common myths that continue to muddy the water for security teams.&lt;/p&gt;\\n","image":"https://securityboulevard.com/wp-content/uploads/2022/10/2022.11.10-SentinelOne-SB_landing_page_1540x660.png","url":"https://securityboulevard.com/webinars/debunking-common-myths-about-xdr/","startDate":"2022-11-10T13:00:00-05:00","endDate":"2022-11-10T14:00:00-05:00","location":{"@type":"Place","name":"Live Webinar","description":"","url":"https://securityboulevard.com/venue/live-webinar/","address":{"@type":"PostalAddress","addressLocality":"Boca Raton","addressRegion":"FL","addressCountry":"United States"},"geo":{"@type":"GeoCoordinates","latitude":26.368306400000002,"longitude":-80.1289321},"telephone":"","sameAs":"https://securityboulevard.com/webinars/"},"organizer":{"@type":"Person","name":"Security Boulevard","description":"","url":"https://securityboulevard.com","telephone":"","email":"&#119;&#101;&#98;i&#110;ar&#115;&#64;&#115;&#101;&#99;&#117;ri&#116;y&#98;&#111;ul&#101;&#118;ard.c&#111;m","sameAs":"https://securityboulevard.com"},"performer":"Organization"},{"@context":"http://schema.org","@type":"Event","name":"Unleashing the Value of All Log Data","description":"&lt;p&gt;In this webinar, Mike Rothman, GM of Techstrong Research, will share findings from a newly released PulseMeter on creating a strategy to capture all of your log data. In addition, Arfan Sharif, technical marketing engineer at Crowdstrike, will discuss the business and technical challenges around capturing and analyzing data from across the enterprise and how..&lt;/p&gt;\\n","image":"https://securityboulevard.com/wp-content/uploads/2022/10/2022.11.15-CrowdStrike-SB_landing_page_770x330.png","url":"https://securityboulevard.com/webinars/unleashing-the-value-of-all-log-data-2/","startDate":"2022-11-15T15:00:00-05:00","endDate":"2022-11-15T16:00:00-05:00","location":{"@type":"Place","name":"Live Webinar","description":"","url":"https://securityboulevard.com/venue/live-webinar/","address":{"@type":"PostalAddress","addressLocality":"Boca Raton","addressRegion":"FL","addressCountry":"United States"},"geo":{"@type":"GeoCoordinates","latitude":26.368306400000002,"longitude":-80.1289321},"telephone":"","sameAs":"https://securityboulevard.com/webinars/"},"organizer":{"@type":"Person","name":"Security Boulevard","description":"","url":"https://securityboulevard.com","telephone":"","email":"w&#101;b&#105;n&#97;&#114;&#115;&#64;s&#101;cu&#114;i&#116;&#121;b&#111;ulevard&#46;c&#111;&#109;","sameAs":"https://securityboulevard.com"},"performer":"Organization"},{"@context":"http://schema.org","@type":"Event","name":"Understanding SBOMs: A Practical Guide to Implementing NIST/CISA\u2019s Software Bill of Materials (SBOM) Requirements","description":"&lt;p&gt;This webinar provides an overview of the executive order including what constitutes an SBOM, and their intended purpose, usage and shortcomings in software supply chain security. We will then explore how a pipeline bill of materials (PBOM) can be used to expand upon the foundation provided by SBOMs to give you more visibility and control..&lt;/p&gt;\\n","image":"https://securityboulevard.com/wp-content/uploads/2022/09/OnDemand-2022.10.12-Cycode-SB_landing_page_770x330.png","url":"https://securityboulevard.com/webinars/understanding-sboms-a-practical-guide-to-implementing-nist-cisas-software-bill-of-materials-sbom-requirements/","startDate":"2022-11-16T13:00:00-05:00","endDate":"2022-11-16T14:00:00-05:00","location":{"@type":"Place","name":"Live Webinar","description":"","url":"https://securityboulevard.com/venue/live-webinar/","address":{"@type":"PostalAddress","addressLocality":"Boca Raton","addressRegion":"FL","addressCountry":"United States"},"geo":{"@type":"GeoCoordinates","latitude":26.368306400000002,"longitude":-80.1289321},"telephone":"","sameAs":"https://securityboulevard.com/webinars/"},"organizer":{"@type":"Person","name":"Security Boulevard","description":"","url":"https://securityboulevard.com","telephone":"","email":"&#119;eb&#105;n&#97;&#114;s&#64;&#115;e&#99;&#117;r&#105;t&#121;bo&#117;l&#101;var&#100;&#46;c&#111;m","sameAs":"https://securityboulevard.com"},"performer":"Organization"}]
</script></div></aside><aside id="custom_html-32" class="widget_text widget widget_custom_html clearfix"><h3 class="widget-title"><span>Download Free eBook</span></h3><div class="textwidget custom-html-widget"><div class="su-row">
<div class="sue-panel" data-url="" data-target="self" style="background-color:#ffffff;color:#333333;border-radius:0px;-moz-border-radius:0px;-webkit-border-radius:0px;box-shadow:0px 1px 2px #eeeeee;-moz-box-shadow:0px 1px 2px #eeeeee;-webkit-box-shadow:0px 1px 2px #eeeeee;border:0px solid #ddd"><div class="sue-panel-content sue-content-wrap" style="padding:15px;text-align:center"><div class="pt-cv-wrapper"><div class="pt-cv-view pt-cv-grid pt-cv-colsys pt-cv-reused" id="pt-cv-view-06cd18ej3f"><div data-id="pt-cv-page-1" class="pt-cv-page" data-cvc="1"><div class="col-md-12 col-sm-12 col-xs-12 pt-cv-content-item pt-cv-1-col" data-pid="1852861"><div class='pt-cv-ifield'><a href="https://securityboulevard.com/downloads/the-state-of-cloud-native-security-2020/" class="_self pt-cv-href-thumbnail pt-cv-thumb-default cvplbd" target="_self" rel="noopener"><img src="https://securityboulevard.com/wp-content/uploads/2020/07/State-of-Cloud-Native-Security-2020_cover-232x300.jpg" class="pt-cv-thumbnail img-none cvp-substitute" alt="The State of Cloud Native Security 2020" title="" /></a></div></div></div></div></div> <style type="text/css" id="pt-cv-inline-style-9e71fcednq">#pt-cv-view-06cd18ej3f .pt-cv-title a, #pt-cv-view-06cd18ej3f  .panel-title { font-weight: 600 !important; }
#pt-cv-view-06cd18ej3f .pt-cv-carousel-caption  { background-color: rgba(51,51,51,.6) !important; }
#pt-cv-view-06cd18ej3f .pt-cv-specialp { background-color: #CC3333 !important }
#pt-cv-view-06cd18ej3f .pt-cv-specialp * { color: #fff !important; }
#pt-cv-view-06cd18ej3f .pt-cv-pficon  { color: #bbb !important; }
#pt-cv-view-06cd18ej3f .pt-cv-readmore  { color: #ffffff !important; background-color: #00aeef !important; }
#pt-cv-view-06cd18ej3f .pt-cv-readmore:hover  { color: #ffffff !important; background-color: #00aeef !important; }
#pt-cv-view-06cd18ej3f  + .pt-cv-pagination-wrapper .pt-cv-more , #pt-cv-view-06cd18ej3f  + .pt-cv-pagination-wrapper .pagination .active a, .pt-cv-pagination[data-sid='06cd18ej3f'] .active a { color: #ffffff !important; background-color: #00aeef !important; }</style>
</div></div>
</div></div></aside><aside id="custom_html-12" class="widget_text widget widget_custom_html clearfix"><div class="textwidget custom-html-widget">
<div id='div-gpt-ad-1503669457440-2' style='text-align: center;margin-bottom: 5px;'>
<script type="a013c9d52a0a1157690516e6-text/javascript">
googletag.cmd.push(function() { googletag.display('div-gpt-ad-1503669457440-2'); });
</script>
</div></div></aside><aside id="colormag_featured_posts_small_thumbnails-35" class="widget widget_featured_posts widget_featured_posts_small_thumbnails widget_featured_meta clearfix"> <a href="https://securityboulevard.com/industry-spotlight/"><h3 class="widget-title" style="border-bottom-color:;"><span style="background-color:;">Industry Spotlight <i class="fa fa-angle-double-right" aria-hidden="true"></i></span></h3></a> <div class="following-post">
<div class="single-article clearfix">
<figure><a href="https://securityboulevard.com/2022/10/3-billion-defi-hacks-richixbw/" title="$3 BILLION in DeFi Hacks in 2022—So Far"><img width="130" height="90" src="https://securityboulevard.com/wp-content/uploads/2022/10/benjamin-adam-nir-unsplash-130x90.png" class="attachment-colormag-featured-post-small size-colormag-featured-post-small wp-post-image" alt="$3 BILLION in DeFi Hacks in 2022—So Far" loading="lazy" title="$3 BILLION in DeFi Hacks in 2022—So Far" srcset="https://securityboulevard.com/wp-content/uploads/2022/10/benjamin-adam-nir-unsplash-130x90.png 130w, https://securityboulevard.com/wp-content/uploads/2022/10/benjamin-adam-nir-unsplash-392x272.png 392w" sizes="(max-width: 130px) 100vw, 130px" /></a></figure><script type="a013c9d52a0a1157690516e6-text/javascript">console.log('Debug Info: \x53\x74\x79\x6c\x65\x20\x33\x20\x2d\x20\x50\x6f\x73\x74\x3a\x31\x24\x33\x20\x42\x49\x4c\x4c\x49\x4f\x4e\x20\x69\x6e\x20\x44\x65\x46\x69\x20\x48\x61\x63\x6b\x73\x20\x69\x6e\x20\x32\x30\x32\x32\xe2\x80\x94\x53\x6f\x20\x46\x61\x72');</script> <div class="article-content">
<div class="above-entry-meta"><span class="cat-links"><a href="https://securityboulevard.com/category/blogs/security-analytics/" rel="category tag">Analytics &amp; Intelligence</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/application-security/" rel="category tag">Application Security</a>&nbsp;<a href="https://securityboulevard.com/category/blockchain/" rel="category tag">Blockchain</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/cloud-security/" rel="category tag">Cloud Security</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/cyberlaw/" rel="category tag">Cyberlaw</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/" rel="category tag">Cybersecurity</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/data-security/" rel="category tag">Data Security</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/devops/" rel="category tag">DevOps</a>&nbsp;<a href="https://securityboulevard.com/category/blockchain/digital-currency/" rel="category tag">Digital Currency</a>&nbsp;<a href="https://securityboulevard.com/category/editorial-calendar/" rel="category tag">Editorial Calendar</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-featured/" rel="category tag">Featured</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/governance-risk-compliance/" rel="category tag">Governance, Risk &amp; Compliance</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/incident-response/" rel="category tag">Incident Response</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-industry-spotlight/" rel="category tag">Industry Spotlight</a>&nbsp;<a href="https://securityboulevard.com/category/sb/most-read-this-week/" rel="category tag">Most Read This Week</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/network-security/" rel="category tag">Network Security</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-news/" rel="category tag">News</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/popular-post/" rel="category tag">Popular Post</a>&nbsp;<a href="https://securityboulevard.com/category/editorial-calendar/securing-the-edge/" rel="category tag">Securing the Edge</a>&nbsp;<a href="https://securityboulevard.com/category/editorial-calendar/security-at-the-edge/" rel="category tag">Security at the Edge</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/security-awareness/" rel="category tag">Security Awareness</a>&nbsp;<a href="https://securityboulevard.com/category/sb/" rel="category tag">Security Boulevard (Original)</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-spotlight/" rel="category tag">Spotlight</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/security-analytics/threat-intelligence/" rel="category tag">Threat Intelligence</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/threats-breaches/" rel="category tag">Threats &amp; Breaches</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/threats-breaches/vulnerabilities/" rel="category tag">Vulnerabilities</a>&nbsp;</span></div> <h3 class="entry-title">
<a href="https://securityboulevard.com/2022/10/3-billion-defi-hacks-richixbw/" title="$3 BILLION in DeFi Hacks in 2022—So Far">$3 BILLION in DeFi Hacks in 2022—So Far</a>
</h3>
<div class="below-entry-meta">
<span class="posted-on"><a href="https://securityboulevard.com/2022/10/3-billion-defi-hacks-richixbw/" title="3:06 pm" rel="bookmark"><i class="fa fa-calendar-o"></i> <time class="entry-date published" datetime="2022-10-17T15:06:45-04:00">October 17, 2022</time></a></span> <span class="byline"><span class="author vcard"><i class="fa fa-user"></i><a class="url fn n" href="https://securityboulevard.com/author/richi/" title="Richi Jennings">Richi Jennings | 4 hours ago</a></span></span>
<span class="comments"><i class="fa fa-comment"></i><a href="https://securityboulevard.com/2022/10/3-billion-defi-hacks-richixbw/#respond"><span class="dsq-postid" data-dsqidentifier="1941962 https://securityboulevard.com/?p=1941962">0</span></a></span>
</div>
</div>
</div>
<div class="single-article clearfix">
<figure><a href="https://securityboulevard.com/2022/10/time-for-security-with-the-open-xdr-approach/" title="Time for Security With the Open XDR Approach"><img width="130" height="90" src="https://securityboulevard.com/wp-content/uploads/2021/10/time-ethan-medrano-unsplash-130x90.png" class="attachment-colormag-featured-post-small size-colormag-featured-post-small wp-post-image" alt="Time for Security With the Open XDR Approach" loading="lazy" title="Time for Security With the Open XDR Approach" srcset="https://securityboulevard.com/wp-content/uploads/2021/10/time-ethan-medrano-unsplash-130x90.png 130w, https://securityboulevard.com/wp-content/uploads/2021/10/time-ethan-medrano-unsplash-392x272.png 392w" sizes="(max-width: 130px) 100vw, 130px" /></a></figure><script type="a013c9d52a0a1157690516e6-text/javascript">console.log('Debug Info: \x53\x74\x79\x6c\x65\x20\x33\x20\x2d\x20\x50\x6f\x73\x74\x3a\x32\x54\x69\x6d\x65\x20\x66\x6f\x72\x20\x53\x65\x63\x75\x72\x69\x74\x79\x20\x57\x69\x74\x68\x20\x74\x68\x65\x20\x4f\x70\x65\x6e\x20\x58\x44\x52\x20\x41\x70\x70\x72\x6f\x61\x63\x68');</script> <div class="article-content">
<div class="above-entry-meta"><span class="cat-links"><a href="https://securityboulevard.com/category/blogs/security-analytics/" rel="category tag">Analytics &amp; Intelligence</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/" rel="category tag">Cybersecurity</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/data-security/" rel="category tag">Data Security</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-industry-spotlight/" rel="category tag">Industry Spotlight</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/network-security/" rel="category tag">Network Security</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/security-awareness/" rel="category tag">Security Awareness</a>&nbsp;<a href="https://securityboulevard.com/category/sb/" rel="category tag">Security Boulevard (Original)</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/security-analytics/threat-intelligence/" rel="category tag">Threat Intelligence</a>&nbsp;</span></div> <h3 class="entry-title">
<a href="https://securityboulevard.com/2022/10/time-for-security-with-the-open-xdr-approach/" title="Time for Security With the Open XDR Approach">Time for Security With the Open XDR Approach</a>
</h3>
<div class="below-entry-meta">
<span class="posted-on"><a href="https://securityboulevard.com/2022/10/time-for-security-with-the-open-xdr-approach/" title="9:00 am" rel="bookmark"><i class="fa fa-calendar-o"></i> <time class="entry-date published" datetime="2022-10-04T09:00:47-04:00">October 4, 2022</time></a></span> <span class="byline"><span class="author vcard"><i class="fa fa-user"></i><a class="url fn n" href="https://securityboulevard.com/author/samuel-jones/" title="Samuel Jones">Samuel Jones | Oct 04</a></span></span>
<span class="comments"><i class="fa fa-comment"></i><a href="https://securityboulevard.com/2022/10/time-for-security-with-the-open-xdr-approach/#respond"><span class="dsq-postid" data-dsqidentifier="1939807 https://securityboulevard.com/?p=1939807">0</span></a></span>
</div>
</div>
</div>
<div class="single-article clearfix">
<figure><a href="https://securityboulevard.com/2022/09/russia-cyberattack-ukraine-richixbw/" title="Russia ‘Plans’ HUGE Cyberattack on Critical Infrastructure"><img width="130" height="90" src="https://securityboulevard.com/wp-content/uploads/2022/09/ukraine-gleb-albovsky-unsplash-130x90.png" class="attachment-colormag-featured-post-small size-colormag-featured-post-small wp-post-image" alt="Russia ‘Plans’ HUGE Cyberattack on Critical Infrastructure" loading="lazy" title="Russia ‘Plans’ HUGE Cyberattack on Critical Infrastructure" srcset="https://securityboulevard.com/wp-content/uploads/2022/09/ukraine-gleb-albovsky-unsplash-130x90.png 130w, https://securityboulevard.com/wp-content/uploads/2022/09/ukraine-gleb-albovsky-unsplash-392x272.png 392w" sizes="(max-width: 130px) 100vw, 130px" /></a></figure><script type="a013c9d52a0a1157690516e6-text/javascript">console.log('Debug Info: \x53\x74\x79\x6c\x65\x20\x33\x20\x2d\x20\x50\x6f\x73\x74\x3a\x33\x52\x75\x73\x73\x69\x61\x20\xe2\x80\x98\x50\x6c\x61\x6e\x73\xe2\x80\x99\x20\x48\x55\x47\x45\x20\x43\x79\x62\x65\x72\x61\x74\x74\x61\x63\x6b\x20\x6f\x6e\x20\x43\x72\x69\x74\x69\x63\x61\x6c\x20\x49\x6e\x66\x72\x61\x73\x74\x72\x75\x63\x74\x75\x72\x65');</script> <div class="article-content">
<div class="above-entry-meta"><span class="cat-links"><a href="https://securityboulevard.com/category/blogs/application-security/" rel="category tag">Application Security</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/cyberlaw/" rel="category tag">Cyberlaw</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/" rel="category tag">Cybersecurity</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/data-security/" rel="category tag">Data Security</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/devops/" rel="category tag">DevOps</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/endpoint/" rel="category tag">Endpoint</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-featured/" rel="category tag">Featured</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/governance-risk-compliance/" rel="category tag">Governance, Risk &amp; Compliance</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/identity-access/" rel="category tag">Identity &amp; Access</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/incident-response/" rel="category tag">Incident Response</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-industry-spotlight/" rel="category tag">Industry Spotlight</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/iot-ics-security/" rel="category tag">IoT &amp; ICS Security</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/malware/" rel="category tag">Malware</a>&nbsp;<a href="https://securityboulevard.com/category/sb/most-read-this-week/" rel="category tag">Most Read This Week</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/network-security/" rel="category tag">Network Security</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-news/" rel="category tag">News</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/popular-post/" rel="category tag">Popular Post</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/security-awareness/" rel="category tag">Security Awareness</a>&nbsp;<a href="https://securityboulevard.com/category/sb/" rel="category tag">Security Boulevard (Original)</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/social-engineering/" rel="category tag">Social Engineering</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-spotlight/" rel="category tag">Spotlight</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/security-analytics/threat-intelligence/" rel="category tag">Threat Intelligence</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/threats-breaches/" rel="category tag">Threats &amp; Breaches</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/threats-breaches/vulnerabilities/" rel="category tag">Vulnerabilities</a>&nbsp;</span></div> <h3 class="entry-title">
<a href="https://securityboulevard.com/2022/09/russia-cyberattack-ukraine-richixbw/" title="Russia ‘Plans’ HUGE Cyberattack on Critical Infrastructure">Russia ‘Plans’ HUGE Cyberattack on Critical Infrastructure</a>
</h3>
<div class="below-entry-meta">
<span class="posted-on"><a href="https://securityboulevard.com/2022/09/russia-cyberattack-ukraine-richixbw/" title="1:29 pm" rel="bookmark"><i class="fa fa-calendar-o"></i> <time class="entry-date published" datetime="2022-09-27T13:29:49-04:00">September 27, 2022</time></a></span> <span class="byline"><span class="author vcard"><i class="fa fa-user"></i><a class="url fn n" href="https://securityboulevard.com/author/richi/" title="Richi Jennings">Richi Jennings | Sep 27</a></span></span>
<span class="comments"><i class="fa fa-comment"></i><a href="https://securityboulevard.com/2022/09/russia-cyberattack-ukraine-richixbw/#respond"><span class="dsq-postid" data-dsqidentifier="1939631 https://securityboulevard.com/?p=1939631">0</span></a></span>
</div>
</div>
</div>
</div>
</aside><aside id="colormag_featured_posts_small_thumbnails-33" class="widget widget_featured_posts widget_featured_posts_small_thumbnails widget_featured_meta clearfix"> <a href="https://securityboulevard.com/cybersecurity-news/"><h3 class="widget-title" style="border-bottom-color:;"><span style="background-color:;">Top Stories <i class="fa fa-angle-double-right" aria-hidden="true"></i></span></h3></a> <div class="following-post">
<div class="single-article clearfix">
<figure><a href="https://securityboulevard.com/2022/10/gao-feds-could-improve-collaboration-on-ransomware/" title="GAO: Feds Could Improve Collaboration on Ransomware"><img width="130" height="90" src="https://securityboulevard.com/wp-content/uploads/2018/06/Age-Of-Collaboration-130x90.jpg" class="attachment-colormag-featured-post-small size-colormag-featured-post-small wp-post-image" alt="GAO: Feds Could Improve Collaboration on Ransomware" loading="lazy" title="GAO: Feds Could Improve Collaboration on Ransomware" srcset="https://securityboulevard.com/wp-content/uploads/2018/06/Age-Of-Collaboration-130x90.jpg 130w, https://securityboulevard.com/wp-content/uploads/2018/06/Age-Of-Collaboration-392x272.jpg 392w" sizes="(max-width: 130px) 100vw, 130px" /></a></figure><script type="a013c9d52a0a1157690516e6-text/javascript">console.log('Debug Info: \x53\x74\x79\x6c\x65\x20\x33\x20\x2d\x20\x50\x6f\x73\x74\x3a\x31\x47\x41\x4f\x3a\x20\x46\x65\x64\x73\x20\x43\x6f\x75\x6c\x64\x20\x49\x6d\x70\x72\x6f\x76\x65\x20\x43\x6f\x6c\x6c\x61\x62\x6f\x72\x61\x74\x69\x6f\x6e\x20\x6f\x6e\x20\x52\x61\x6e\x73\x6f\x6d\x77\x61\x72\x65');</script> <div class="article-content">
<div class="above-entry-meta"><span class="cat-links"><a href="https://securityboulevard.com/category/blogs/application-security/" rel="category tag">Application Security</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/cyberlaw/" rel="category tag">Cyberlaw</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/" rel="category tag">Cybersecurity</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-featured/" rel="category tag">Featured</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/governance-risk-compliance/" rel="category tag">Governance, Risk &amp; Compliance</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/incident-response/" rel="category tag">Incident Response</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/malware/" rel="category tag">Malware</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-news/" rel="category tag">News</a>&nbsp;<a href="https://securityboulevard.com/category/sb/" rel="category tag">Security Boulevard (Original)</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-spotlight/" rel="category tag">Spotlight</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/security-analytics/threat-intelligence/" rel="category tag">Threat Intelligence</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/threats-breaches/" rel="category tag">Threats &amp; Breaches</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/threats-breaches/vulnerabilities/" rel="category tag">Vulnerabilities</a>&nbsp;</span></div> <h3 class="entry-title">
<a href="https://securityboulevard.com/2022/10/gao-feds-could-improve-collaboration-on-ransomware/" title="GAO: Feds Could Improve Collaboration on Ransomware">GAO: Feds Could Improve Collaboration on Ransomware</a>
</h3>
<div class="below-entry-meta">
<span class="posted-on"><a href="https://securityboulevard.com/2022/10/gao-feds-could-improve-collaboration-on-ransomware/" title="8:00 am" rel="bookmark"><i class="fa fa-calendar-o"></i> <time class="entry-date published" datetime="2022-10-17T08:00:54-04:00">October 17, 2022</time></a></span> <span class="byline"><span class="author vcard"><i class="fa fa-user"></i><a class="url fn n" href="https://securityboulevard.com/author/nathan-eddy/" title="Nathan Eddy">Nathan Eddy | 11 hours ago</a></span></span>
<span class="comments"><i class="fa fa-comment"></i><a href="https://securityboulevard.com/2022/10/gao-feds-could-improve-collaboration-on-ransomware/#respond"><span class="dsq-postid" data-dsqidentifier="1941725 https://securityboulevard.com/?p=1941725">0</span></a></span>
</div>
</div>
</div>
<div class="single-article clearfix">
<figure><a href="https://securityboulevard.com/2022/10/exabeam-taps-kubernetes-to-deliver-next-gen-siem/" title="Exabeam Taps Kubernetes to Deliver Next-Gen SIEM"><img width="130" height="90" src="https://securityboulevard.com/wp-content/uploads/2022/02/application-security2-130x90.jpg" class="attachment-colormag-featured-post-small size-colormag-featured-post-small wp-post-image" alt="Exabeam Taps Kubernetes to Deliver Next-Gen SIEM" loading="lazy" title="Exabeam Taps Kubernetes to Deliver Next-Gen SIEM" srcset="https://securityboulevard.com/wp-content/uploads/2022/02/application-security2-130x90.jpg 130w, https://securityboulevard.com/wp-content/uploads/2022/02/application-security2-392x272.jpg 392w" sizes="(max-width: 130px) 100vw, 130px" /></a></figure><script type="a013c9d52a0a1157690516e6-text/javascript">console.log('Debug Info: \x53\x74\x79\x6c\x65\x20\x33\x20\x2d\x20\x50\x6f\x73\x74\x3a\x32\x45\x78\x61\x62\x65\x61\x6d\x20\x54\x61\x70\x73\x20\x4b\x75\x62\x65\x72\x6e\x65\x74\x65\x73\x20\x74\x6f\x20\x44\x65\x6c\x69\x76\x65\x72\x20\x4e\x65\x78\x74\x2d\x47\x65\x6e\x20\x53\x49\x45\x4d');</script> <div class="article-content">
<div class="above-entry-meta"><span class="cat-links"><a href="https://securityboulevard.com/category/blogs/" rel="category tag">Cybersecurity</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-featured/" rel="category tag">Featured</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/incident-response/" rel="category tag">Incident Response</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/network-security/" rel="category tag">Network Security</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-news/" rel="category tag">News</a>&nbsp;<a href="https://securityboulevard.com/category/sb/" rel="category tag">Security Boulevard (Original)</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-spotlight/" rel="category tag">Spotlight</a>&nbsp;</span></div> <h3 class="entry-title">
<a href="https://securityboulevard.com/2022/10/exabeam-taps-kubernetes-to-deliver-next-gen-siem/" title="Exabeam Taps Kubernetes to Deliver Next-Gen SIEM">Exabeam Taps Kubernetes to Deliver Next-Gen SIEM</a>
</h3>
<div class="below-entry-meta">
<span class="posted-on"><a href="https://securityboulevard.com/2022/10/exabeam-taps-kubernetes-to-deliver-next-gen-siem/" title="8:00 am" rel="bookmark"><i class="fa fa-calendar-o"></i> <time class="entry-date published" datetime="2022-10-17T08:00:14-04:00">October 17, 2022</time></a></span> <span class="byline"><span class="author vcard"><i class="fa fa-user"></i><a class="url fn n" href="https://securityboulevard.com/author/mike-vizard/" title="Michael Vizard">Michael Vizard | 11 hours ago</a></span></span>
<span class="comments"><i class="fa fa-comment"></i><a href="https://securityboulevard.com/2022/10/exabeam-taps-kubernetes-to-deliver-next-gen-siem/#respond"><span class="dsq-postid" data-dsqidentifier="1941883 https://securityboulevard.com/?p=1941883">0</span></a></span>
</div>
</div>
</div>
<div class="single-article clearfix">
<figure><a href="https://securityboulevard.com/2022/10/linux-5-bugs-wi-fi-richixbw/" title="Linux Fixes 5 Gaping Holes in Wi-Fi"><img width="130" height="90" src="https://securityboulevard.com/wp-content/uploads/2022/10/linus-torvalds-laboratorio-linux-by-nc-sa-130x90.png" class="attachment-colormag-featured-post-small size-colormag-featured-post-small wp-post-image" alt="Linux Fixes 5 Gaping Holes in Wi-Fi" loading="lazy" title="Linux Fixes 5 Gaping Holes in Wi-Fi" srcset="https://securityboulevard.com/wp-content/uploads/2022/10/linus-torvalds-laboratorio-linux-by-nc-sa-130x90.png 130w, https://securityboulevard.com/wp-content/uploads/2022/10/linus-torvalds-laboratorio-linux-by-nc-sa-392x272.png 392w" sizes="(max-width: 130px) 100vw, 130px" /></a></figure><script type="a013c9d52a0a1157690516e6-text/javascript">console.log('Debug Info: \x53\x74\x79\x6c\x65\x20\x33\x20\x2d\x20\x50\x6f\x73\x74\x3a\x33\x4c\x69\x6e\x75\x78\x20\x46\x69\x78\x65\x73\x20\x35\x20\x47\x61\x70\x69\x6e\x67\x20\x48\x6f\x6c\x65\x73\x20\x69\x6e\x20\x57\x69\x2d\x46\x69');</script> <div class="article-content">
<div class="above-entry-meta"><span class="cat-links"><a href="https://securityboulevard.com/category/blogs/security-analytics/" rel="category tag">Analytics &amp; Intelligence</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/cloud-security/" rel="category tag">Cloud Security</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/" rel="category tag">Cybersecurity</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/data-security/" rel="category tag">Data Security</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/devops/" rel="category tag">DevOps</a>&nbsp;<a href="https://securityboulevard.com/category/editorial-calendar/" rel="category tag">Editorial Calendar</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/endpoint/" rel="category tag">Endpoint</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-featured/" rel="category tag">Featured</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/governance-risk-compliance/" rel="category tag">Governance, Risk &amp; Compliance</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/identity-access/" rel="category tag">Identity &amp; Access</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/incident-response/" rel="category tag">Incident Response</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/iot-ics-security/" rel="category tag">IoT &amp; ICS Security</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/malware/" rel="category tag">Malware</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/mobile-security/" rel="category tag">Mobile Security</a>&nbsp;<a href="https://securityboulevard.com/category/sb/most-read-this-week/" rel="category tag">Most Read This Week</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/network-security/" rel="category tag">Network Security</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-news/" rel="category tag">News</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/popular-post/" rel="category tag">Popular Post</a>&nbsp;<a href="https://securityboulevard.com/category/editorial-calendar/securing-open-source/" rel="category tag">Securing Open Source</a>&nbsp;<a href="https://securityboulevard.com/category/editorial-calendar/securing-the-edge/" rel="category tag">Securing the Edge</a>&nbsp;<a href="https://securityboulevard.com/category/editorial-calendar/security-at-the-edge/" rel="category tag">Security at the Edge</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/security-awareness/" rel="category tag">Security Awareness</a>&nbsp;<a href="https://securityboulevard.com/category/sb/" rel="category tag">Security Boulevard (Original)</a>&nbsp;<a href="https://securityboulevard.com/category/sb/sb-spotlight/" rel="category tag">Spotlight</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/security-analytics/threat-intelligence/" rel="category tag">Threat Intelligence</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/threats-breaches/" rel="category tag">Threats &amp; Breaches</a>&nbsp;<a href="https://securityboulevard.com/category/blogs/threats-breaches/vulnerabilities/" rel="category tag">Vulnerabilities</a>&nbsp;</span></div> <h3 class="entry-title">
<a href="https://securityboulevard.com/2022/10/linux-5-bugs-wi-fi-richixbw/" title="Linux Fixes 5 Gaping Holes in Wi-Fi">Linux Fixes 5 Gaping Holes in Wi-Fi</a>
</h3>
<div class="below-entry-meta">
<span class="posted-on"><a href="https://securityboulevard.com/2022/10/linux-5-bugs-wi-fi-richixbw/" title="11:23 am" rel="bookmark"><i class="fa fa-calendar-o"></i> <time class="entry-date published" datetime="2022-10-14T11:23:02-04:00">October 14, 2022</time></a></span> <span class="byline"><span class="author vcard"><i class="fa fa-user"></i><a class="url fn n" href="https://securityboulevard.com/author/richi/" title="Richi Jennings">Richi Jennings | 3 days ago</a></span></span>
<span class="comments"><i class="fa fa-comment"></i><a href="https://securityboulevard.com/2022/10/linux-5-bugs-wi-fi-richixbw/#respond"><span class="dsq-postid" data-dsqidentifier="1941752 https://securityboulevard.com/?p=1941752">0</span></a></span>
</div>
</div>
</div>
</div>
</aside><aside class='widget_text widget widget_custom_html clearfix new-html-widget'>
<h3 class='widget-title'>
<span><a href='https://securityboulevard.com/humor'>Security Humor <i class='fa fa-angle-double-right' aria-hidden='true'></i></a></span>
</h3>
<div class='textwidget custom-html-widget'><div class="pt-cv-wrapper"><div class="pt-cv-view pt-cv-grid pt-cv-colsys" id="pt-cv-view-1c5dfbeekc"><div data-id="pt-cv-page-1" class="pt-cv-page" data-cvc="1"><div class="col-md-12 col-sm-12 col-xs-12 pt-cv-content-item pt-cv-1-col" data-pid="1941807"><div class='pt-cv-ifield'><a href="https://securityboulevard.com/2022/10/xkcd-fan-theories/" class="_self pt-cv-href-thumbnail pt-cv-thumb-default cvplbd" target="_self"><img width="300" src="https://images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/cbf932e0-b203-4784-9f23-a61a5e99950a/fan_theories.png?format=1000w" class="pt-cv-thumbnail img-none cvp-substitute" alt="XKCD &#039;Fan Theories&#039;" title="" /></a>
<h4 class="pt-cv-title"><a href="https://securityboulevard.com/2022/10/xkcd-fan-theories/" class="_self cvplbd" target="_self">XKCD &#8216;Fan Theories&#8217;</a></h4></div></div></div></div></div> <style type="text/css" id="pt-cv-inline-style-05d067bqgw">#pt-cv-view-1c5dfbeekc .pt-cv-title a, #pt-cv-view-1c5dfbeekc  .panel-title { font-weight: 600 !important; }
#pt-cv-view-1c5dfbeekc .pt-cv-carousel-caption  { background-color: rgba(51,51,51,.6) !important; }
#pt-cv-view-1c5dfbeekc .pt-cv-specialp { background-color: #CC3333 !important }
#pt-cv-view-1c5dfbeekc .pt-cv-specialp * { color: #fff !important; }
#pt-cv-view-1c5dfbeekc .pt-cv-pficon  { color: #bbb !important; }
#pt-cv-view-1c5dfbeekc .pt-cv-readmore  { color: #ffffff !important; background-color: #00aeef !important; }
#pt-cv-view-1c5dfbeekc .pt-cv-readmore:hover  { color: #ffffff !important; background-color: #00aeef !important; }
#pt-cv-view-1c5dfbeekc  + .pt-cv-pagination-wrapper .pt-cv-more , #pt-cv-view-1c5dfbeekc  + .pt-cv-pagination-wrapper .pagination .active a, .pt-cv-pagination[data-sid='1c5dfbeekc'] .active a { color: #ffffff !important; background-color: #00aeef !important; }</style>
</div></aside><aside id="custom_html-35" class="widget_text widget widget_custom_html clearfix"><div class="textwidget custom-html-widget"></div></aside>
</div>
</div>
</div>
<div class="advertisement_above_footer">
<div class="inner-wrap">
<aside id="custom_html-13" class="widget_text widget widget_custom_html clearfix"><div class="textwidget custom-html-widget">
<div id='div-gpt-ad-1503669457440-1' style='text-align: center;'>
<script type="a013c9d52a0a1157690516e6-text/javascript">
googletag.cmd.push(function() { googletag.display('div-gpt-ad-1503669457440-1'); });
</script>
</div></div></aside> </div>
</div>
<footer id="colophon" class="clearfix">
<div class="footer-widgets-wrapper">
<div class="inner-wrap">
<div class="footer-widgets-area clearfix">
<div class="tg-upper-footer-widgets clearfix">
<div class="footer_upper_widget_area tg-one-third">
</div>
<div class="footer_upper_widget_area tg-one-third">
</div>
<div class="footer_upper_widget_area tg-one-third tg-one-third-last">
</div>
</div>
<div class="tg-footer-main-widget">
<div class="tg-first-footer-widget">
<aside id="text-13" class="widget widget_text clearfix"> <div class="textwidget"><p><img style="margin-top: 50px;" src="https://securityboulevard.com/wp-content/uploads/2021/10/security-boulevard-white.png" alt="Security Boulevard Logo White" /></p>
<p><a title="DMCA Compliance information for staging-securityboulevard.kinsta.cloud" href="https://www.dmca.com/compliance/staging-securityboulevard.kinsta.cloud"><img src="https://www.dmca.com/img/dmca-compliant-grayscale.png" alt="DMCA" /></a></p>
</div>
</aside> </div>
</div>
<div class="tg-footer-other-widgets">
<div class="tg-second-footer-widget">
<aside id="nav_menu-4" class="widget widget_nav_menu clearfix"><h3 class="widget-title"><span>Join the Community</span></h3><div class="menu-join-the-community-container"><ul id="menu-join-the-community" class="menu"><li id="menu-item-1599856" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1599856"><a href="https://securityboulevard.com/boulevard-feed-request/">Add your blog to Security Bloggers Network</a></li>
<li id="menu-item-1599847" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1599847"><a href="https://securityboulevard.com/write-for-security-boulevard/">Write for Security Boulevard</a></li>
<li id="menu-item-1599792" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-1599792"><a href="https://securityboulevard.com/bloggers-meetup-awards/">Bloggers Meetup and Awards</a></li>
<li id="menu-item-1646635" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-1646635"><a href="https://securityboulevard.com/inquiry/">Ask a Question</a></li>
<li id="menu-item-1646644" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1646644"><a href="/cdn-cgi/l/email-protection#c8a1a6aea788bbadabbdbaa1bcb1aaa7bda4adbea9baace6aba7a5">Email: <span class="__cf_email__" data-cfemail="84edeae2ebc4f7e1e7f1f6edf0fde6ebf1e8e1f2e5f6e0aae7ebe9">[email&#160;protected]</span></a></li>
</ul></div></aside> </div>
<div class="tg-third-footer-widget">
<aside id="nav_menu-8" class="widget widget_nav_menu clearfix"><h3 class="widget-title"><span>Useful Links</span></h3><div class="menu-useful-links-container"><ul id="menu-useful-links" class="menu"><li id="menu-item-1592670" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-1592670"><a href="https://securityboulevard.com/about/">About</a></li>
<li id="menu-item-1793924" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1793924"><a target="_blank" rel="noopener" href="https://techstronggroup.com/assets/techstrong-media-kit.pdf">Media Kit</a></li>
<li id="menu-item-1941358" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1941358"><a target="_blank" rel="noopener" href="https://techstronggroup.com/tellmemore/">Sponsor Info</a></li>
<li id="menu-item-1592784" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-1592784"><a href="https://securityboulevard.com/copyright/">Copyright</a></li>
<li id="menu-item-1592783" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-1592783"><a href="https://securityboulevard.com/tos/">TOS</a></li>
<li id="menu-item-1827872" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1827872"><a href="https://www.dmca.com/compliance/securityboulevard.com">DMCA Compliance Statement</a></li>
<li id="menu-item-1896546" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1896546"><a target="_blank" rel="noopener" href="https://techstronggroup.com/privacy-policy/">Privacy Policy</a></li>
</ul></div></aside> </div>
<div class="tg-fourth-footer-widget">
<aside id="nav_menu-7" class="widget widget_nav_menu clearfix"><h3 class="widget-title"><span>Related Sites</span></h3><div class="menu-other-techstrong-sites-container"><ul id="menu-other-techstrong-sites" class="menu"><li id="menu-item-1896553" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1896553"><a target="_blank" rel="noopener" href="https://techstronggroup.com/">Techstrong Group</a></li>
<li id="menu-item-1646640" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1646640"><a target="_blank" rel="noopener" href="https://containerjournal.com/">Container Journal</a></li>
<li id="menu-item-1646638" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1646638"><a target="_blank" rel="noopener" href="https://devops.com/">DevOps.com</a></li>
<li id="menu-item-1896554" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1896554"><a target="_blank" rel="noopener" href="https://techstrongresearch.com/">Techstrong Research</a></li>
<li id="menu-item-1896555" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1896555"><a target="_blank" rel="noopener" href="https://techstrong.tv/">Techstrong TV</a></li>
<li id="menu-item-1896556" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1896556"><a target="_blank" rel="noopener" href="https://soundcloud.com/devopschat">DevOps Chat</a></li>
<li id="menu-item-1896557" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1896557"><a target="_blank" rel="noopener" href="https://devopsdozen.com/">DevOps Dozen</a></li>
<li id="menu-item-1896558" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1896558"><a target="_blank" rel="noopener" href="https://www.youtube.com/channel/UC-zcE077X98oTEDPwKkDQxQ">DevOps TV</a></li>
<li id="menu-item-1896559" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-1896559"><a target="_blank" rel="noopener" href="https://digitalanarchist.com/">Digital Anarchist</a></li>
</ul></div></aside> </div>
</div>
</div>
</div>
</div>
<div class="footer-socket-wrapper clearfix">
<div class="inner-wrap">
<div class="footer-socket-area">
<div class="footer-socket-right-section">
<div class="social-links clearfix">
<ul>
<li><a href="https://twitter.com/securityblvd" target="_blank"><i class="fa fa-twitter"></i></a></li><li><a href="https://www.linkedin.com/groups/64292" target="_blank"><i class="fa fa-linkedin"></i></a></li><li><a href="https://www.facebook.com/groups/24445075146/" target="_blank"><i class="fa fa-facebook"></i></a></li><li><a href="https://www.youtube.com/channel/UC1a8XaAVjQSn_SgIW-rdq0A" target="_blank"><i class="fa fa-youtube"></i></a></li><li><a href="https://soundcloud.com/user-540767378" target="_blank"><i class="fa fa-soundcloud"></i></a></li> <li><a href="https://securityboulevard.com/feed/"><i class="fa fa-rss"></i></a></li><li><a href="https://news.google.com/publications/CAAqMggKIixDQklTR3dnTWFoY0tGWE5sWTNWeWFYUjVZbTkxYkdWMllYSmtMbU52YlNnQVAB?hl=en-US&#038;gl=US&#038;ceid=US%3Aen"><i class="fa fa-google"></i></a></li> </ul>
</div>
<nav class="footer-menu clearfix">
</nav>
</div>
<div class="footer-socket-left-section">
<div class="powered-by"><a href="https://techstronggroup.com/" target="_blank"><img src="https://techstronggroup.com/wp-content/uploads/2021/10/powered-by-techstrong-ftr.png" alt="Powered by Techstrong Group" style="margin-bottom: 8px;"></a></div>
<div class="copyright">Copyright © 2022 <a href="https://techstronggroup.com/">Techstrong Group Inc.</a> All rights reserved.</div> </div>
</div>
</div>
</div>
</footer>
</div>
<script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script><script type="a013c9d52a0a1157690516e6-text/javascript">// <![CDATA[
jQuery(document).ready(function($){
    $('a[href]:not([href^="https://securityboulevard.com"]):not([href^="#"]):not([href^="javascript:;"]):not([href^="/"])').attr( 'target', '_blank' );
});
// ]]></script>
<div class='code-block code-block-3' style='margin: 8px 0; clear: both;'>

<div id='div-gpt-ad-1538595968677-0'>
<script type="a013c9d52a0a1157690516e6-text/javascript">
googletag.cmd.push(function() { googletag.display('div-gpt-ad-1538595968677-0'); });
</script>
</div></div>
<script type="a013c9d52a0a1157690516e6-text/javascript">
		( function ( body ) {
			'use strict';
			body.className = body.className.replace( /\btribe-no-js\b/, 'tribe-js' );
		} )( document.body );
		</script>


<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5VL4PHQ" height="0" width="0" style="display:none;visibility:hidden" aria-hidden="true"></iframe></noscript>
 <div style="display:none">
<div class="grofile-hash-map-2ae600ea057f303907c68ed1ff8d2f89">
</div>
</div>
<script type="a013c9d52a0a1157690516e6-text/javascript"> /* <![CDATA[ */var tribe_l10n_datatables = {"aria":{"sort_ascending":": activate to sort column ascending","sort_descending":": activate to sort column descending"},"length_menu":"Show _MENU_ entries","empty_table":"No data available in table","info":"Showing _START_ to _END_ of _TOTAL_ entries","info_empty":"Showing 0 to 0 of 0 entries","info_filtered":"(filtered from _MAX_ total entries)","zero_records":"No matching records found","search":"Search:","all_selected_text":"All items on this page were selected. ","select_all_link":"Select all pages","clear_selection":"Clear Selection.","pagination":{"all":"All","next":"Next","previous":"Previous"},"select":{"rows":{"0":"","_":": Selected %d rows","1":": Selected 1 row"}},"datepicker":{"dayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"dayNamesShort":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"dayNamesMin":["S","M","T","W","T","F","S"],"monthNames":["January","February","March","April","May","June","July","August","September","October","November","December"],"monthNamesShort":["January","February","March","April","May","June","July","August","September","October","November","December"],"monthNamesMin":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"],"nextText":"Next","prevText":"Prev","currentText":"Today","closeText":"Done","today":"Today","clear":"Clear"}};/* ]]> */ </script><div class="sgpb-main-popup-data-container-1937996" style="position:fixed;opacity: 0;filter: opacity(0%);transform: scale(0);">
<div class="sg-popup-builder-content" id="sg-popup-content-wrapper-1937996" data-id="1937996" data-events="[{&quot;param&quot;:&quot;load&quot;,&quot;value&quot;:&quot;&quot;,&quot;hiddenOption&quot;:[]}]" data-options="eyJzZ3BiLXR5cGUiOiJodG1sIiwic2dwYi1pcy1wcmV2aWV3IjoiMCIsInNncGItaXMtYWN0aXZlIjoiY2hlY2tlZCIsInNncGItYmVoYXZpb3ItYWZ0ZXItc3BlY2lhbC1ldmVudHMiOltbeyJwYXJhbSI6InNlbGVjdF9ldmVudCJ9XV0sInNncGItY29udGVudC1wYWRkaW5nIjoiMCIsInNncGItcG9wdXAtei1pbmRleCI6Ijk5OTkiLCJzZ3BiLXBvcHVwLXRoZW1lcyI6InNncGItdGhlbWUtMyIsInNncGItZW5hYmxlLXBvcHVwLW92ZXJsYXkiOiJvbiIsInNncGItb3ZlcmxheS1jb2xvciI6IiMwMDAwMDAiLCJzZ3BiLW92ZXJsYXktb3BhY2l0eSI6IjAuOSIsInNncGItY29udGVudC1jdXN0b20tY2xhc3MiOiJzZy1wb3B1cC1jb250ZW50Iiwic2dwYi1zaG93LWJhY2tncm91bmQiOiJvbiIsInNncGItYmFja2dyb3VuZC1jb2xvciI6IiMwMDAwMDAiLCJzZ3BiLWNvbnRlbnQtb3BhY2l0eSI6IjEiLCJzZ3BiLWJhY2tncm91bmQtaW1hZ2UiOiIiLCJzZ3BiLWJhY2tncm91bmQtaW1hZ2UtbW9kZSI6Im5vLXJlcGVhdCIsInNncGItZXNjLWtleSI6Im9uIiwic2dwYi1lbmFibGUtY2xvc2UtYnV0dG9uIjoib24iLCJzZ3BiLWNsb3NlLWJ1dHRvbi1kZWxheSI6IjAiLCJzZ3BiLWNsb3NlLWJ1dHRvbi1wb3NpdGlvbiI6InRvcFJpZ2h0Iiwic2dwYi1idXR0b24tcG9zaXRpb24tdG9wIjoiNCIsInNncGItYnV0dG9uLXBvc2l0aW9uLXJpZ2h0IjoiNCIsInNncGItYnV0dG9uLXBvc2l0aW9uLWJvdHRvbSI6IjAiLCJzZ3BiLWJ1dHRvbi1wb3NpdGlvbi1sZWZ0IjoiIiwic2dwYi1idXR0b24taW1hZ2UiOiIiLCJzZ3BiLWJ1dHRvbi1pbWFnZS13aWR0aCI6IjM4Iiwic2dwYi1idXR0b24taW1hZ2UtaGVpZ2h0IjoiMTkiLCJzZ3BiLWJvcmRlci1jb2xvciI6IiMwMDAwMDAiLCJzZ3BiLWJvcmRlci1yYWRpdXMiOiIwIiwic2dwYi1ib3JkZXItcmFkaXVzLXR5cGUiOiIlIiwic2dwYi1idXR0b24tdGV4dCI6IkNsb3NlIiwic2dwYi1vdmVybGF5LWNsaWNrIjoib24iLCJzZ3BiLWNsb3NpbmctY291bnRkb3duLXBvc2l0aW9uIjoidG9wUmlnaHQiLCJzZ3BiLXBvcHVwLWRpbWVuc2lvbi1tb2RlIjoicmVzcG9uc2l2ZU1vZGUiLCJzZ3BiLXJlc3BvbnNpdmUtZGltZW5zaW9uLW1lYXN1cmUiOiJhdXRvIiwic2dwYi13aWR0aCI6IjY0MHB4Iiwic2dwYi1oZWlnaHQiOiI0ODBweCIsInNncGItbWF4LXdpZHRoIjoiIiwic2dwYi1tYXgtaGVpZ2h0IjoiIiwic2dwYi1taW4td2lkdGgiOiIxMjBweCIsInNncGItbWluLWhlaWdodCI6IiIsInNncGItc2hvdy1wb3B1cC1zYW1lLXVzZXIiOiJvbiIsInNncGItc2hvdy1wb3B1cC1zYW1lLXVzZXItY291bnQiOiIxIiwic2dwYi1zaG93LXBvcHVwLXNhbWUtdXNlci1leHBpcnkiOiI1Iiwic2dwYi1vcGVuLWFuaW1hdGlvbi1lZmZlY3QiOiJObyBlZmZlY3QiLCJzZ3BiLWNsb3NlLWFuaW1hdGlvbiI6Im9uIiwic2dwYi1jbG9zZS1hbmltYXRpb24tZWZmZWN0IjoiTm8gZWZmZWN0Iiwic2dwYi1jbG9zZS1hbmltYXRpb24tc3BlZWQiOiI1Iiwic2dwYi1wb3B1cC1maXhlZCI6Im9uIiwic2dwYi1wb3B1cC1maXhlZC1wb3NpdGlvbiI6IjUiLCJzZ3BiLWVuYWJsZS1jb250ZW50LXNjcm9sbGluZyI6Im9uIiwic2dwYi1wb3B1cC1vcmRlciI6IjEiLCJzZ3BiLXBvcHVwLWRlbGF5IjoiMTAiLCJzZ3BiLXBvc3QtaWQiOiIxOTM3OTk2Iiwic2dwYi1idXR0b24taW1hZ2UtZGF0YSI6IiIsInNncGItYmFja2dyb3VuZC1pbWFnZS1kYXRhIjoiIiwic2dwYkNvbmRpdGlvbnMiOm51bGx9">
<div class="sgpb-popup-builder-content-1937996 sgpb-popup-builder-content-html"><div class="sgpb-main-html-content-wrapper"><p><a href="https://www.techstrongevents.com/devopsexperience22?ref=ts-websites-pop-up-ads&utm_source=SecurityBoulevard&utm_medium=Referral&utm_campaign=ts-websites-pop-up-ads" target="_blank" rel="noopener"><img src="https://devops.com/wp-content/uploads/2022/09/Banner_770x330.png" /></a></p>
</div><style id="sgpb-custom-style-1937996">.sg-popup-content p,
.sg-popup-content img {
margin-bottom: 0;
padding-bottom: 0;
}

a, a:active, a:focus, 
button, button:focus, button:active, 
.btn, .btn:focus, .btn:active:focus, .btn.active:focus, .btn.focus, .btn.focus:active, .btn.active.focus {
    outline: none;
    outline: 0;
}

input::-moz-focus-inner {
    border: 0;
}</style></div>
</div>
</div><link rel='stylesheet' id='so-css-colormag-pro-css' href='https://securityboulevard.com/wp-content/uploads/so-css/so-css-colormag-pro.css' type='text/css' media='all' />
<link rel='stylesheet' id='widget-calendar-pro-style-css' href='https://securityboulevard.com/wp-content/plugins/events-calendar-pro/src/resources/css/widget-theme.min.css' type='text/css' media='all' />
<style id='widget-calendar-pro-style-inline-css' type='text/css'>
#tribe_events_filters_wrapper input[type=submit],
				.tribe-events-button,
				#tribe-events .tribe-events-button,
				.tribe-events-button.tribe-inactive,
				#tribe-events .tribe-events-button:hover,
				.tribe-events-button:hover,
				.tribe-events-button.tribe-active:hover {
					background-color: #5284b5;
				}
			
				.tribe-events-calendar td.tribe-events-present div[id*="tribe-events-daynum-"],
				#tribe_events_filters_wrapper input[type=submit],
				.tribe-events-button,
				#tribe-events .tribe-events-button,
				.tribe-events-button.tribe-inactive,
				#tribe-events .tribe-events-button:hover,
				.tribe-events-button:hover,
				.tribe-events-button.tribe-active:hover {
					background-color: #434366;
				}

				#tribe-events-content .tribe-events-tooltip h4,
				#tribe_events_filters_wrapper .tribe_events_slider_val,
				.single-tribe_events a.tribe-events-ical,
				.single-tribe_events a.tribe-events-gcal {
					color: #434366;
				}

				.tribe-grid-allday .tribe-events-week-allday-single,
				.tribe-grid-body .tribe-events-week-hourly-single,
				.tribe-grid-allday .tribe-events-week-allday-single:hover,
				.tribe-grid-body .tribe-events-week-hourly-single:hover {
					background-color: #434366;
					border-color: rgba(0, 0, 0, 0.3);
				}
			
				.tribe-events-list .tribe-events-loop .tribe-event-featured,
				.tribe-events-list #tribe-events-day.tribe-events-loop .tribe-event-featured,
				.type-tribe_events.tribe-events-photo-event.tribe-event-featured .tribe-events-photo-event-wrap,
				.type-tribe_events.tribe-events-photo-event.tribe-event-featured .tribe-events-photo-event-wrap:hover {
					background-color: #1b253c;
				}

				#tribe-events-content table.tribe-events-calendar .type-tribe_events.tribe-event-featured {
					background-color: #1b253c;
				}

				.tribe-events-list-widget .tribe-event-featured,
				.tribe-events-venue-widget .tribe-event-featured,
				.tribe-mini-calendar-list-wrapper .tribe-event-featured,
				.tribe-events-adv-list-widget .tribe-event-featured .tribe-mini-calendar-event {
					background-color: #1b253c;
				}

				.tribe-grid-body .tribe-event-featured.tribe-events-week-hourly-single {
					background-color: rgba(27,37,60, .7 );
					border-color: #1b253c;
				}

				.tribe-grid-body .tribe-event-featured.tribe-events-week-hourly-single:hover {
					background-color: #1b253c;
				}

				.tribe-button {
					background-color: #1b253c;
					color: #fff;
				}

				.tribe-button:hover,
				.tribe-button:active,
				.tribe-button:focus {
					background-color: #030407;
				}

				#tribe-events .tribe-event-featured .tribe-button:hover {
					color: #000000;
				}
			
				#tribe-events td.tribe-events-present div[id*="tribe-events-daynum-"],
				#tribe-events td.tribe-events-present div[id*="tribe-events-daynum-"] > a {
					background-color: #5284b5;
					color: #fff;
				}

				#tribe-events .tribe-events-grid .tribe-grid-header div.tribe-week-today {
					background-color: #5284b5;
				}

				.tribe-grid-allday .tribe-events-week-allday-single,
				.tribe-grid-body .tribe-events-week-hourly-single,
				.tribe-grid-allday .tribe-events-week-allday-single:hover,
				.tribe-grid-body .tribe-events-week-hourly-single:hover {
					background-color: #5284b5;
					background-color: rgba( 82, 132, 181, .75 );
					border-color: #385e83
				}

			
				.tribe-events-list-widget .tribe-event-featured .tribe-event-image,
				.tribe-events-venue-widget .tribe-event-featured .tribe-event-image,
				.tribe-events-adv-list-widget .tribe-event-featured .tribe-event-image,
				.tribe-mini-calendar-list-wrapper .tribe-event-featured .tribe-event-image {
					display: none;
				}
</style>
<link rel='stylesheet' id='tribe_events-widget-calendar-pro-override-style-css' href='https://securityboulevard.com/wp-content/themes/colormag-pro/tribe-events/pro/widget-calendar.css' type='text/css' media='all' />
<link rel='stylesheet' id='shortcodes-ultimate-extra-css' href='https://securityboulevard.com/wp-content/plugins/shortcodes-ultimate-extra/includes/css/shortcodes.css' type='text/css' media='all' />
<link rel='stylesheet' id='su-shortcodes-css' href='https://securityboulevard.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css' type='text/css' media='all' />
<script type="a013c9d52a0a1157690516e6-text/javascript" id='pt-cv-content-views-script-js-extra'>
/* <![CDATA[ */
var PT_CV_PUBLIC = {"_prefix":"pt-cv-","page_to_show":"5","_nonce":"7c695aceb5","is_admin":"","is_mobile":"","ajaxurl":"https:\/\/securityboulevard.com\/wp-admin\/admin-ajax.php","lang":"","loading_image_src":"data:image\/gif;base64,R0lGODlhDwAPALMPAMrKygwMDJOTkz09PZWVla+vr3p6euTk5M7OzuXl5TMzMwAAAJmZmWZmZszMzP\/\/\/yH\/C05FVFNDQVBFMi4wAwEAAAAh+QQFCgAPACwAAAAADwAPAAAEQvDJaZaZOIcV8iQK8VRX4iTYoAwZ4iCYoAjZ4RxejhVNoT+mRGP4cyF4Pp0N98sBGIBMEMOotl6YZ3S61Bmbkm4mAgAh+QQFCgAPACwAAAAADQANAAAENPDJSRSZeA418itN8QiK8BiLITVsFiyBBIoYqnoewAD4xPw9iY4XLGYSjkQR4UAUD45DLwIAIfkEBQoADwAsAAAAAA8ACQAABC\/wyVlamTi3nSdgwFNdhEJgTJoNyoB9ISYoQmdjiZPcj7EYCAeCF1gEDo4Dz2eIAAAh+QQFCgAPACwCAAAADQANAAAEM\/DJBxiYeLKdX3IJZT1FU0iIg2RNKx3OkZVnZ98ToRD4MyiDnkAh6BkNC0MvsAj0kMpHBAAh+QQFCgAPACwGAAAACQAPAAAEMDC59KpFDll73HkAA2wVY5KgiK5b0RRoI6MuzG6EQqCDMlSGheEhUAgqgUUAFRySIgAh+QQFCgAPACwCAAIADQANAAAEM\/DJKZNLND\/kkKaHc3xk+QAMYDKsiaqmZCxGVjSFFCxB1vwy2oOgIDxuucxAMTAJFAJNBAAh+QQFCgAPACwAAAYADwAJAAAEMNAs86q1yaWwwv2Ig0jUZx3OYa4XoRAfwADXoAwfo1+CIjyFRuEho60aSNYlOPxEAAAh+QQFCgAPACwAAAIADQANAAAENPA9s4y8+IUVcqaWJ4qEQozSoAzoIyhCK2NFU2SJk0hNnyEOhKR2AzAAj4Pj4GE4W0bkJQIAOw==","is_mobile_tablet":"","sf_no_post_found":"No posts found.","lf__separator":"____"};
var PT_CV_PAGINATION = {"first":"\u00ab","prev":"\u2039","next":"\u203a","last":"\u00bb","goto_first":"Go to first page","goto_prev":"Go to previous page","goto_next":"Go to next page","goto_last":"Go to last page","current_page":"Current page is","goto_page":"Go to page"};
/* ]]> */
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js' id='pt-cv-content-views-script-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/js/cvpro.min.js' id='pt-cv-public-pro-script-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" id='leadin-script-loader-js-js-extra'>
/* <![CDATA[ */
var leadin_wordpress = {"userRole":"visitor","pageType":"post","leadinPluginVersion":"9.0.123"};
/* ]]> */
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://js.hs-scripts.com/1628905.js?integration=WordPress&#038;ver=9.0.123' async defer id='hs-script-loader'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://secure.gravatar.com/js/gprofiles.js' id='grofiles-cards-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" id='wpgroho-js-extra'>
/* <![CDATA[ */
var WPGroHo = {"my_hash":""};
/* ]]> */
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/jetpack/modules/wpgroho.js' id='wpgroho-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/sticky/jquery.sticky.min.js' id='colormag-sticky-menu-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" id='colormag-news-ticker-js-extra'>
/* <![CDATA[ */
var colormag_ticker_settings = {"breaking_news_slide_effect":"up","breaking_news_duration":"7000","breaking_news_speed":"1000"};
/* ]]> */
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/news-ticker/jquery.newsTicker.min.js' id='colormag-news-ticker-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/magnific-popup/jquery.magnific-popup.min.js' id='colormag-featured-image-popup-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/navigation.min.js' id='colormag-navigation-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/fitvids/jquery.fitvids.min.js' id='colormag-fitvids-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/theia-sticky-sidebar/theia-sticky-sidebar.min.js' id='theia-sticky-sidebar-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/theia-sticky-sidebar/ResizeSensor.min.js' id='ResizeSensor-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" id='colormag-custom-js-extra'>
/* <![CDATA[ */
var colormag_load_more = {"tg_nonce":"77cd7e298f","ajax_url":"https:\/\/securityboulevard.com\/wp-admin\/admin-ajax.php"};
/* ]]> */
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/colormag-custom.min.js' id='colormag-custom-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/jquery.mCustomScrollbar.js' id='custom-scrollbar-js-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/themes/colormag-pro/js/datatables.min.js' id='custom-datatables-js-js'></script>
<script type='text/javascript' data-cfasync="false" src='https://securityboulevard.com/wp-content/plugins/dflip/assets/js/dflip.min.js' id='dflip-script-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js' id='jetpack-twitter-timeline-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-includes/js/hoverIntent.min.js' id='hoverIntent-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" id='megamenu-js-extra'>
/* <![CDATA[ */
var megamenu = {"timeout":"300","interval":"100"};
/* ]]> */
</script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://securityboulevard.com/wp-content/plugins/megamenu/js/maxmegamenu.js' id='megamenu-js'></script>
<script type="a013c9d52a0a1157690516e6-text/javascript" src='https://cdn.onesignal.com/sdks/OneSignalSDK.js' async='async' id='remote_sdk-js'></script>

<style type="text/css">
.su-posts-default-loop { 
	margin-left: 15px !important;
	padding-left: 15px !important;
}

.su-posts-default-loop .su-post {
	margin-bottom: 1.5em;
	line-height: 1.2 !important;
}
.su-column-centered {
     margin-top: 10px;
}
</style>

<script src='https://stats.wp.com/e-202242.js' defer type="a013c9d52a0a1157690516e6-text/javascript"></script>
<script type="a013c9d52a0a1157690516e6-text/javascript">
	_stq = window._stq || [];
	_stq.push([ 'view', {v:'ext',j:'1:11.4',blog:'133346385',post:'1879181',tz:'-4',srv:'securityboulevard.com'} ]);
	_stq.push([ 'clickTrackerInit', '133346385', '1879181' ]);
</script>
<script src="/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js" data-cf-settings="a013c9d52a0a1157690516e6-|49" defer=""></script><script defer src="https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194" integrity="sha512-Gi7xpJR8tSkrpF7aordPZQlW2DLtzUlZcumS8dMQjwDHEnw9I7ZLyiOj/6tZStRBGtGgN6ceN6cMH8z7etPGlw==" data-cf-beacon='{"rayId":"75bcf814b98add83","token":"33edbdb5f462496f85e52978979b687b","version":"2022.8.1","si":100}' crossorigin="anonymous"></script>
</body>
</html>
